Like so many others, my first code was:
10 PRINT "HELLO WORLD"
We started out with some basic operations and grew from there. Unfortunately most people kept what they liked and discarded the rest. Things like data and input validation are seen as a waste of time by so many. Strings and other data which get passed to other processes in other languages (like SQL, or Windows image libraries) also warrant some inspection.
The types of vulnerabilities we find most often happen because programmers are neglecting to pay attention to some of these very basic things. Others are more complex, but if these basic issues are still going on, then it's hard to see programmers as generally professional whether they are commercial or open source writers.
It may come as a surprise to some people, but the mistakes made in coding these days are increasingly critical in nature as civilization is increasingly reliant on what is being written and run out there. Much scrutiny and soul searching should be done. (It won't happen until some really bad things happen and frankly, the truly bad things are too much of an advantage to alphabet agencies so we won't hear a push for this from government in case anyone was waiting for it.)