Yes... In my mind, there are three kinds of security bugs.
1. Caused by pure ignorance and completely avoidable (this bug).
2. Caused by subtle configurations, workflows, programming (mostly avoidable, secret scanning, security linters, code reviews, general intelligence, etc.). This is where 99% of security bugs are.
3. Caused by a malicious actor aligning planets with a single intent to maximize their cause. You'll never stop these people (three-letter agencies, state actors).
edit:
A must-watch talk: https://vimeo.com/95066828