GUWAHATI: Self-taught cybersecurity researcher Nisarga Adhikary, who recently came into the spotlight for uncovering security vulnerabilities in the Central Board of Secondary Education's (CBSE) On-Screen Marking (OSM) portal, has been appointed as an OSINT and Threat Intelligence Engineer at C3iHub, the cybersecurity and cyber defence research centre at IIT Kanpur..
ALSO READ: Mutilated Tiger Carcass Found in Assam's Sonitpur, Poaching Suspected
Adhikary, a software engineer and cybersecurity researcher from Siliguri, gained national attention after identifying multiple security weaknesses in the CBSE's OSM portal, a critical platform used by schools across the country to upload and manage examination marks. The portal plays a key role in the board examination process by enabling schools to submit marks online for result compilation and preparation.
According to reports, the vulnerabilities discovered by Adhikary included flaws related to access controls and data security that could have potentially exposed sensitive student and school-related information if exploited by malicious actors.
After an initial complaint reportedly went unaddressed in February, Adhikary published a detailed technical blog post on May 22 outlining the security concerns. The disclosure drew widespread attention within cybersecurity circles and prompted action from authorities.
CBSE subsequently collaborated with experts from Indian Institute of Technology Madras and Indian Institute of Technology Kanpur to address the vulnerabilities. Teams led by senior faculty members, including Manindra Agrawal, reportedly worked for nearly two weeks from May 24 to patch the identified security gaps. Adhikary was also invited to Delhi to share his findings and assist discussions with the expert team.
Impressed by the young researcher's technical expertise, Agrawal reportedly contacted Adhikary directly after reading his blog post. IIT Kanpur subsequently moved to recruit him for a full-time position at C3iHub, the institute's cybersecurity and cyber-defence research centre.
Despite not having a formal college degree, Adhikary has built a reputation as a full-stack developer, Capture The Flag (CTF) player and open-source contributor, having worked on multiple projects and startup initiatives.
In his new role, Adhikary will focus on open-source intelligence (OSINT) and threat intelligence. Reports indicate that his responsibilities may also expand to include vulnerability assessment and penetration testing, further strengthening the institute's cybersecurity research and defence capabilities.