Developers shouldn't use JSON Web Tokens or JSON Web Encryption in their applications at all, lest their private keys get stolen A vulnerability in a JSON-based web encryption protocol could allow ...