sorry beat, its hard to keep cool when it seems yours is the only site that isn't working!!
we finally fixed up this mess on our site....
after our server recompiled php, the hardening was interfering with the session name variables that mosGetPAram was trying to deal with submitted by various forms...the variables were 68 characters long and the limit was only 64.
once we increased the limits for GET and POST in suhosin.ini higher than 68, the cbSpoofCheck became functional again and allowed successful submission of forms.
we also went ahead and increased the cookie name limit as well, just in case!
unless you have a dedicated server, you'll have to contact your host to check suhosin.ini and make sure the GET and POST variable limits are set higher than 64.
it worked for us, hope it helps someone else too!