Apparently Empornium redesigns Gazelle, introducing us to something new called "Project Luminance".
A Staff member of theirs wrote about it:
We'll be making an announcement about it soon, but basically we're rewiriting Gazelle to be secure by design. No more inline (injectable) SQL, proper one time use CSRF tokens for all forms, 2fa and multi-level authentication are also in the works.
For now it's just the public pages (login & password reset) but that requires all the core services to be rewritten. Once we've stabilized the code we'll release it to the public.
Edit: forgot to mention that it's also modular, has a single php entry point and a separate public webroot.