In part of an effort to work out some of the 'kinks' in PHP (as far as the security of the language itself), Stefan Esser has proposed a "Month of Bugs" for PHP. The idea is to release security issues found, one for each day - the month's hasn't been specified yet - with complete vulnerability information.
While it is true that many PHP applications are written by people with no clue about security it is absolutely not true that PHP is a secure programming language. I think it is necessary to make ALL people aware of this.
No word yet on when this month will start, but we will keep you posted as soon as it's out. If you'd like to check out the community's response to this effort, check out some of the comments already posted to this announcement on the PHP Security Blog.