If we use HTTP in web site instead of HTTPS, users may get malicious content.
If we make a web service without SQL Injection protection, attackers may take whatever they want from database.
If we make a web page without XSS protection, user's browser may execute dangerous code.
If we don't protect server from CSRF attack, user's credential may be used by the attacker.
All web developers should care about security issues of web technology !!!