This past year has been one of the busiest ones on record for IT security professionals, with a seemingly endless stream of high-profile exploits and software vulnerabilities. At the end of 2013, Target revealed what turned out to be the first of many retail breaches over the next 12 months. Retailers large and small were in the news over the course of 2014, with breaches at Home Depot, Staples, Dairy Queen and even the nonprofit Goodwill Industries. Retailers weren’t the only ones under attack in 2014, however; the open-source software development movement was under scrutiny due to several high-profile security incidents. The OpenSSL Heartbleed vulnerability that was first disclosed in April had a wide-reaching impact and consequences that took months to unravel. Heartbleed also ushered in a new era of naming and branding vulnerabilities that extended throughout 2014. The Shellshock bug in the open-source BASH shell was another high-impact vulnerability disclosed in 2014 that left IT professionals scrambling. Not all high-impact flaws were the cause of panic though. The open-source Xen hypervisor that powers much of the world’s public cloud infrastructure was patched before any public exploits emerged. In this slide show, eWEEK takes a look back at the top 10 security incidents and vulnerabilities of 2014.