If you're interested in PHP security, you might be interested in the PHP Security Forum being hosted by the PHP Developer's Network.

I've already spotted a few topics that look interesting to me:

• Best Practices for "Remember Me"?
• Question about session hijacking

I've been contributing to the SitePoint Forums lately. Although they don't have a forum dedicated specifically to PHP security, the topic comes up frequently on the PHP and PHP Application Design forums.