Mismanagement is the number one cause of software problems. There is an old rule for all types of engineering (including software) - Fast, Cheap, Good - pick any two.

If you want Fast and Good then you need to pay for a top flight programming team.

If you want Cheap and Good then you need to allow a lot of time to testing and bug fixing before release.

If you want Fast and Cheap then you must accept that the quality will not be Good.

With most systems the (mis)management choose Fast and Cheap - and then express surprise that the result is not Good.

A side note -

Any program that accepts user input must assume that the input is malicious until proven otherwise - input data must be checked for correctness before being acted on. This old principle of defensive programming seems to have been almost completely disregarded in modern software.

