Security is always a big issue, whether you are writing for a big company or just for fun. But many people, especially beginners, tend to underestimate the importance of securing their applications dramaticially. While stuff like a well-designed interface and the proper function of the application is directly visible, security works the other way round: it's presence ( or a lack thereof ) are only visible when it's in most cases too late. So, as for testing, security is a important quality attribute of your software, and you should care, and if you don't know where to start, the SANS-institute released a very comprehensive list of the most wanted programming errors.

The list was created in collaboration with major actors, like Microsoft, Cisco and other popular names. While not all of them are applicable to all kinds of applications, you will certainly find some that do, and this list is certainly a very good source to start reading on that topic.

Enough written, the document can be found here: Top 25 programming errors.