Would it be safe with Magento 2.4.3-p1 to rename the phpsessid cookie to be more secure by adding the __Host- cookie prefix now supported in all modern browsers?
Although configuring a cookie prefix is not supported natively in M2 (should it be?) it can be easily accomplished in the php.ini by reconfiguring session name value.
session.name = __SECURE-PHPSESSID
I'm not familiar with Cookie Prefixes but PHP should support it out of the box: