Security & Privacy
Auth0 Symfony SDK's Weak Cookie Encryption Opens Door to Account Takeovers
Auth0's Symfony SDK has a nasty entropy bug that turns session cookies into child's play for brute-forcers. One forged cookie, and boom – your users' accounts are theirs.