In today's Bits post, I mentioned that a top 25 coding errors report was going to be issued today. Well, it's happened. From the SANS website:
Today in Washington, DC, experts from more than 30 US and international cyber security organizations jointly released the consensus list of the 25 most dangerous programming errors that lead to security bugs and that enable cyber espionage and cyber crime.
The web page listing all the information about the project is here.
There is good stuff there that should be looked at by all who are involved in information security, not to mention those involved in developing programs.