One place I've seen atrocious PRNG use is in web applications. Web app
developers often roll their own salt generators, or session token
generators, or random password generators... then rely on a libc rand
seeded by the process ID, for example, to generate far too little entropy
with far too little quality.

One of the things I find unfortunate is when a particular class of
security problem (say, XSRF) is well known but ignored by so many
developers. Especially when you find those problems on a library level.
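
To make the first point concrete, here is an added example (not code from the original post) that measures how many distinct tokens a libc rand() generator seeded by the process ID can ever produce, next to a token drawn from the kernel CSPRNG. The function names, the 16-character token format and the PID range of 1 to 32768 are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define TOKEN_LEN 16
#define PID_MAX 32768u  /* assumption: PIDs fall in 1..32768 (common Linux default) */

static const char ALPHABET[] = "abcdefghijklmnopqrstuvwxyz0123456789";

/* Weak pattern from the text: the seed (the PID) fully determines the token. */
void weak_token(unsigned seed, char out[TOKEN_LEN + 1]) {
    srand(seed);
    for (int i = 0; i < TOKEN_LEN; i++)
        out[i] = ALPHABET[rand() % 36];
    out[TOKEN_LEN] = '\0';
}

static int cmp_tok(const void *a, const void *b) { return memcmp(a, b, TOKEN_LEN); }
/* Audit: count the distinct tokens the weak generator can emit over all PIDs. */
size_t weak_token_space(void) {
    char (*toks)[TOKEN_LEN + 1] = malloc((size_t)PID_MAX * sizeof *toks);
    if (!toks) return 0;
    for (unsigned pid = 1; pid <= PID_MAX; pid++)
        weak_token(pid, toks[pid - 1]);
    qsort(toks, PID_MAX, sizeof *toks, cmp_tok);
    size_t distinct = 1;
    for (size_t i = 1; i < PID_MAX; i++)
        if (memcmp(toks[i - 1], toks[i], TOKEN_LEN) != 0) distinct++;
    free(toks);
    return distinct;
}

/* Hardened form: 128 bits from the kernel CSPRNG, hex-encoded. 0 on success. */
int strong_token(char out[2 * TOKEN_LEN + 1]) {
    unsigned char raw[TOKEN_LEN];
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(raw, 1, sizeof raw, f);
    fclose(f);
    if (n != sizeof raw) return -1;  /* fail closed on a short read */
    for (size_t i = 0; i < sizeof raw; i++)
        sprintf(out + 2 * i, "%02x", raw[i]);
    return 0;
}

int main(void) {
    char s[2 * TOKEN_LEN + 1];
    printf("weak generator: %zu possible tokens (at most 15 bits)\n", weak_token_space());
    if (strong_token(s) == 0) printf("strong token: %s (128 bits)\n", s);
    return 0;
}
```

However long the weak token looks, its entropy is capped by the size of the seed space, which is the check worth running against any home-grown salt, session token or password generator.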