With the increasing complexity of code written by humans and generated by AI, security remains a top priority. Sonar's static code analyzers are continuously improved to help developers keep up with the latest threats. The research team scans popular open-source software for vulnerabilities, audits the findings, and publishes blog posts and talks to educate developers about security issues and their impact. In 2024, Sonar found and reported critical vulnerabilities in various applications across different domains and major programming languages, including developer tools like Jenkins and SourceForge, front-end security topics such as charset sniffing attacks and HTML sanitization, and CMS software like Joomla and osTicket. Despite not winning a Pwnie Award nomination, Sonar won the Jenkins Security MVP award for its exemplary advisory and collaboration on vulnerabilities. The team is excited to start the next year with an already full pipeline of research and invites followers to stay updated through social media.