Department of Homeland Security releases annual CWE/SANS Top 25 Most Dangerous Software Errors list. The list includes threats such as SQL injection, buffer overflow, cross-site scripting, and failure to encrypt data. These threats were used to steal data sitting on corporate servers this year. The report also discusses how the Stuxnet worm, which disabled Iranian nuclear sites, used hard coding to wreak havoc on computer systems. If you’re interested in reading it you can find the 2011 CWE report here.”]
Source: https://www.csoonline.com/article/2128881/lulzsec–anonymous-hacks-were-avoidable–report-says.html