On the Ethereum blockchain, many hacks occurred between the years 2017 and 2018, and they continue happening because of buggy contract code. In the year 2018 only, more than $1 billion worth of ether and tokens got stolen from Ethereum smart contracts due to vulnerabilities present in the code that attackers exploited. These hacks happened because of bad coding practices and a lack of testing of the contracts.
Looking at how those hacks happened, there have been many attack patterns that have been identified. It is the developer's responsibility to check their code for all of these known attack patterns. If these attack patterns are not prevented, there could be a loss of money (ether/tokens) or the attacker could enforce unintended transactions on the contracts.
Always keep yourself updated with the new features added in the Ethereum hard-forks or soft-forks. These new features could help you reduce the attack surface. However, some new features in Ethereum could allow more new attack patterns. As and when you learn about a new attack pattern, check your contracts and ensure that your contracts do not form these patterns.
Let's look at some of the well-known attack patterns.