Author: Detectify
Word count: 297

Summary

Detectify ships major security updates every two weeks, incorporating new findings and enhancements from its in-house security researchers and the Crowdsource ethical hacker community; confidentiality agreements mean not every update can be disclosed. The Detectify scanner has recently gained tests for several vulnerabilities reported by Crowdsource researchers: an Apache Tomcat remote code execution (RCE) vulnerability that is exploitable when "enableCmdLineArguments" is enabled on Windows, and a server-side template injection vulnerability in the Confluence Widget Connector that allows path traversal and RCE. A backdoor was also identified in version 3.2.0.3 of the bootstrap-sass gem, which allows a crafted cookie to be executed as code. Finally, Detectify has improved the tool's handling of metadata embedded in Office files, since such metadata can unintentionally reveal information about a document's authors or the systems on which it was created.