docs(security): consolidate Hall of Fame entries and update handbook

- Combine researchers who identified the same vulnerability into a single entry in the README.
- Update researcher bugmithlegend's display name to 0xAlchemist.
- Remove the link to the security audit report from the developer handbook.

Author: bertugfahriozer

README.md

@@ -198,8 +198,6 @@ A huge thank you to the security researchers who have helped make **ci4ms** more
 | **[alpernae](https://github.com/alpernae)** | Assisted with vulnerability triaging and security testing. | Feb 2026 |
 | **[offset](https://github.com/offset)** | Identified Critical vulnerabilities including multiple Stored XSS, Authorization Bypass in Fileeditor, Install Guard Bypass, and CRLF Injection. | Apr 2026 |
 | **[fg0x0](https://github.com/fg0x0)** | Identified Critical Arbitrary File Write (Zip Slip RCE) vulnerabilities in Theme::upload and Backup::restore modules. | Apr 2026 |
-| **[bugmithlegend](https://github.com/bugmithlegend)** | Identified Critical Full Account Takeover and Privilege Escalation via Stored DOM Blind XSS in Backup Management (v2). | Apr 2026 |
-| **[peeefour](https://github.com/peeefour)** | Identified Critical Full Account Takeover and Privilege Escalation via Stored DOM Blind XSS in Backup Management (v2). | Apr 2026 |
-| **[DexterHK](https://github.com/DexterHK)** | Identified Critical Full Account Takeover and Privilege Escalation via Stored DOM Blind XSS in Backup Management (v2). | Apr 2026 |
+| **[0xAlchemist](https://github.com/bugmithlegend)** , **[peeefour](https://github.com/peeefour)** and **[DexterHK](https://github.com/DexterHK)** | Identified Critical Full Account Takeover and Privilege Escalation via Stored DOM Blind XSS in Backup Management (v2). | Apr 2026 |
 
 > If you find a security vulnerability, please report it via [Security Policy](SECURITY.md).

docs/developer-handbook.md

@@ -275,7 +275,6 @@ Application settings are persisted in the `settings` table and cached for 24 hou
 - [CI4MS User Guide (HTML)](./user-guide.html)
 - [CI4MS Theme Development Guide](./theme_development.md)
 - [DOCKER_SETUP.md](../DOCKER_SETUP.md) — Docker environment reference.
-- [security_audit_report.md](../security_audit_report.md) — Comprehensive security audit report and vulnerability mitigations.
 - Internal module documentation: check each module's docblocks for implementation details.
 
 Maintain this handbook as you evolve the stack — update dependencies, asset workflows, or deployment scripts here so the next developer has a reliable source of truth.