GitHub bug briefly gave valid authenticated session cookies to wrong users

Source

Don’t panic: Fewer than 0.001% of sessions compromised through flaw that couldn’t be maliciously triggered If you visit GitHub today you’ll be asked to authenticate anew because the code collaboration locker has squished a bug that sometimes “misrouted a user’s session to the browser of another authenticated user, giving them the valid and authenticated session cookie for another user.”... [...]