We wrote about it here <a href="https://www.bearer.com/blog/loom-express-session-incident" rel="nofollow">https://www.bearer.com/blog/loom-express-session-incident</a>
and we also updated the famous NodeGoat project to bring more awareness around that kind of misconfiguration: <a href="https://github.com/OWASP/NodeGoat/pull/286">https://github.com/OWASP/NodeGoat/pull/286</a>