Credit: Unknown Hungarian Teen Hacker
Security researchers are like Sisyphus. We push vulnerabilities uphill, only to wake up the next day to find ourselves pinned underneath our own findings. This year, a researcher found and reported some standard web vulns in the ticketing system for the Budapest Transport Authority, and while he did exercise the flaw, he didn’t actually use his gains (in the form of a reduced priced fare). He was arrested for his troubles. They did offer to work with him in the future and setup a bounty, but not before they received 46000 1* reviews on facebook and protestors on their doorsteps.