Me and my few hundred colleague programmers write in C.
If we go for anecdotal evidence, we win!
There are tools to help with that.
C doesn't have very strong string-handling. Noob programmers will use gets() (which doesn't check the length of the input string. It's easy to get buffer overflows that way). But if the tools-guy(s) on a project set up the environment properly, and programmers are a bit disciplined, there is not much more to worry about than when you program in Java. In fact, I'd say Java is a bigger security risk than C.
The reason C is used less and less is because the benefits of C (control, performance, manage your own memory) aren't necessary for most of the simpler applications. And websites are built in other languages too. But when you need the benefits of C, C is still very popular. Operating Systems, embedded code, Networking Operating Systems, games, etc. Everything on the Internet that is critical is written in C (and some of it in C++).
BTW, OP, if you want to learn another language, and C is a bit too hardcore for you, you should look at Python. Python is a very popular language these days. Used in many environments. Has lots of libraries. And is easier to learn than C.
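The gets() problem mentioned in the post, shown from the fixing side as an added example (not part of the original comment): a bounded line reader built on fgets() that also handles the over-long-line case. The names read_line, RL_OK, RL_TRUNCATED and RL_EOF are hypothetical and chosen for this illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Result codes (hypothetical names, defined only for this example). */
enum { RL_OK = 0, RL_TRUNCATED = 1, RL_EOF = -1 };

/*
 * Bounded replacement for gets(buf). gets() receives no buffer size, so any
 * line longer than the buffer is written past its end. This reader never
 * writes more than `size` bytes (terminating NUL included). If the line does
 * not fit, the excess is discarded so it cannot be misread as the next line,
 * and RL_TRUNCATED tells the caller the data is incomplete.
 */
int read_line(FILE *in, char *buf, size_t size)
{
    size_t len;
    int c, dropped = 0;

    if (in == NULL || buf == NULL || size == 0 || size > INT_MAX)
        return RL_EOF;
    if (fgets(buf, (int)size, in) == NULL) {
        buf[0] = '\0';
        return RL_EOF;               /* end of input or read error */
    }
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';         /* whole line fit: strip the newline */
        return RL_OK;
    }
    /* No newline stored: the line was too long, or input ended without one. */
    while ((c = fgetc(in)) != EOF && c != '\n')
        dropped = 1;                 /* discard the rest of the line */
    return dropped ? RL_TRUNCATED : RL_OK;
}

int main(void)
{
    char name[16];                   /* deliberately small buffer */
    int rc;

    while ((rc = read_line(stdin, name, sizeof name)) != RL_EOF)
        printf("%s%s\n", name, rc == RL_TRUNCATED ? "  [truncated]" : "");
    return 0;
}
```

Treating RL_TRUNCATED as an error instead of silently accepting the shortened value is usually the safer choice for input such as usernames or paths.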