Fixing security-related issues in code is a different kind of problem solving, and we often see developers introducing more problems as they try to fix these issues. I understand this because I was once one of those developers.
Read full article on Github