CWE/SANS has released a list of what it terms the Top 25 Most Dangerous Programming Errors. The list is quite interesting, but most of it should be common sense even if you don't always put it into practice; it also provides links on how to deal with each error. I think this is a must-read for all developers. Some notable errors which are very common at OB are included in the list, such as Improper Input Validation (CWE-20), Improper Encoding or Escaping of Output (CWE-116), Cleartext Transmission of Sensitive Information (CWE-319) and Download of Code Without Integrity Check (CWE-494), among others.

http://www.sans.org/top25errors//?cat=top25
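As an added illustration (not part of the original post, and not code from CWE/SANS), the snippet below shows three of the listed errors side by side with their fix: an allow-list validator for a username (CWE-20), a page fragment rendered once without and once with output escaping (CWE-116), and a "downloaded" code payload checked against a published SHA-256 digest before it is accepted (CWE-494). The payloads, the expected digest and the `USERNAME_RE` pattern are constructed for the example; in practice the digest would come from the vendor over an authenticated channel, not be computed from the download itself.

```python
import hashlib
import hmac
import html
import re

# --- CWE-20: Improper Input Validation -------------------------------------
# Allow-list pattern (constructed for this example): letters, digits and
# underscore, 1 to 32 characters. Anything else is rejected outright instead
# of being "cleaned up" after the fact.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def validate_username(value: str) -> str:
    """Return the value unchanged if it matches the allow-list, else raise."""
    if not USERNAME_RE.fullmatch(value):
        raise ValueError(f"invalid username: {value!r}")
    return value


# --- CWE-116: Improper Encoding or Escaping of Output ----------------------
def render_greeting_vulnerable(name: str) -> str:
    """Untrusted data dropped straight into HTML: a classic XSS sink."""
    return f"<p>Hello, {name}!</p>"


def render_greeting_escaped(name: str) -> str:
    """Same output, but the data is HTML-escaped for the context it lands in."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"


# --- CWE-494: Download of Code Without Integrity Check ---------------------
# Constructed sample "downloads". The expected digest stands in for a value
# published by the vendor; here it is derived from GOOD_PAYLOAD only so the
# example runs offline.
GOOD_PAYLOAD = b"print('hello')\n"
TAMPERED_PAYLOAD = b"import os; os.system('id')\n"
EXPECTED_SHA256 = hashlib.sha256(GOOD_PAYLOAD).hexdigest()


def verify_download(payload: bytes, expected_sha256: str) -> bool:
    """Compare the payload's SHA-256 against the published digest."""
    actual = hashlib.sha256(payload).hexdigest()
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(actual, expected_sha256)


def install_code(payload: bytes, expected_sha256: str) -> bytes:
    """Refuse to hand the payload to the loader unless its digest checks out."""
    if not verify_download(payload, expected_sha256):
        raise RuntimeError("integrity check failed; refusing to install")
    return payload


if __name__ == "__main__":
    print(validate_username("alice_01"))
    print(render_greeting_vulnerable("<script>alert(1)</script>"))
    print(render_greeting_escaped("<script>alert(1)</script>"))
    print(verify_download(GOOD_PAYLOAD, EXPECTED_SHA256))
    print(verify_download(TAMPERED_PAYLOAD, EXPECTED_SHA256))
```

The validator is an allow-list, not a deny-list: it names what is acceptable and rejects everything else, which is the shape the CWE-20 guidance recommends. The escaping function encodes for the HTML text context specifically; data going into a JavaScript string, a URL or an SQL statement needs the encoder for that context instead.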