Detectify's Crowdsource ethical hacker community has been actively contributing security updates, including zero-day research, to enhance the platform's Surface Monitoring capabilities, which now deliver tests within 25 minutes from identification to deployment. While confidentiality agreements prevent the public disclosure of all security updates, new tests are promptly integrated into the Detectify scanner and are accessible to users. Recent vulnerabilities reported and addressed include a deserialization flaw in Onedev allowing remote code execution, an access token leak in Onedev, and cross-site scripting (XSS) vulnerabilities in Jenzabar, Adminer, and hello.js, which could enable attackers to execute unauthorized JavaScript or steal credentials. These vulnerabilities were submitted by ethical hackers payloadartist, xelkomy, and madrobot, showcasing the collaborative efforts of the community in identifying and mitigating security threats.