While this sort of threat is clearly out there, it turns out that more often than not security threats happen during software testing and development.

FORBES: Magazine Article

Critical parts are typed up by hand and, despite a wealth of testing tools that claim to catch bugs, the complexity of software makes security flaws and errors nearly unavoidable and increasingly common.

FORBES: Saving Software From Itself

Before its Thursday patch, an exploit that took advantage of the Java security flaws had been included in the widely used Blackhole cybercriminal software kit as well as the Metasploit penetration testing toolset.

FORBES: Oracle's Java Security Woes Mount As Researchers Spot A Bug In Its Critical Bug Fix