Open Source
Auth0 Symfony SDK's Weak Cookies Enable Account Takeovers
Auth0's Symfony SDK has a nasty entropy bug turning cookies into brute-force playgrounds. Attackers forge sessions, snag accounts—your Symfony app might be wide open.