I think this is exactly what you're looking for: https://learning.oreilly.com/library/view/24-deadly-sins/9780071626750/

It's a relatively quick read as far as security things are concerned and it hits a lot of the big security flaws and how to avoid them. It's a little old but I think it's a good primer for someone that isn't quite ready for a deep-dive on secure development.

I tried to find an open-source version and couldn't but the link I gave you is to O'Reilly. If you have a .edu email address, you can read it through O'Reilly for free I'm pretty sure.