Teen who flagged CBSE portal security flaws secures cybersecurity role at IIT Kanpur

Nisarga Adhikary, the young cybersecurity researcher who came to prominence after uncovering security vulnerabilities in the Central Board of Secondary Education's (CBSE) On-Screen Marking (OSM) portal, has been appointed as an OSINT and Threat Intelligence Engineer at C3iHub, the cybersecurity and cyber defence research centre based at IIT Kanpur.
The appointment marks a significant milestone in Adhikary's transition from student researcher to cybersecurity professional, highlighting the growing recognition of ethical hacking and responsible vulnerability disclosure within India's cybersecurity ecosystem.
Adhikary first attracted national attention after identifying security weaknesses in CBSE's OSM portal, a critical platform used by affiliated schools across the country to upload and manage examination marks. The system plays a key role in the board examination process, enabling schools to submit marks electronically for compilation and result preparation.
Rather than attempting to exploit the vulnerabilities, Adhikary chose to follow responsible disclosure practices, reporting the issues to the relevant authorities. His actions helped draw attention to cybersecurity gaps in educational technology systems and reinforced the importance of proactive security assessments for platforms handling sensitive student data.
The disclosure generated widespread discussion among cybersecurity professionals and education sector stakeholders, many of whom commended his ethical approach to vulnerability research.
More recently, Adhikary again drew attention to CBSE's digital infrastructure after claiming he had managed to play the viral "Bad Apple" animation on a CBSE portal while demonstrating alleged security weaknesses. The incident reignited debate around the security of public-facing government and educational systems.
His appointment at C3iHub, one of India's leading cybersecurity research centres, is seen as recognition not only of his technical expertise but also of his commitment to ethical security practices.
Open Source Intelligence (OSINT) and threat intelligence have become increasingly important elements of modern cybersecurity operations, enabling organisations to identify emerging threats, monitor malicious activity and strengthen defensive capabilities.