[asdff]

Because for malfeasance you need to be smart and clever and for incompetence you need to be dumb or just tired that day and write a typo.

[boring_twenties]

For malfeasance to remain undiscovered you need to be smart and clever.

For the kind of malfeasance that concatenates an SQL query with user input and then shows the whole thing to the user in an error message, you don't need that.