Nisarga Adhikary, a 19-year-old cybersecurity student and expert, has been appointed as an Open-Source Intelligence (OSINT) and Threat Intelligence Engineer at IIT Kanpur’s technology innovation hub, C3iHub. The appointment comes weeks after Adhikary publicly disclosed critical vulnerabilities in the Central Board of Secondary Education’s (CBSE) On-Screen Marking (OSM) portal. According to reports, IIT Kanpur Director Manindra Agrawal contacted Adhikary after reading a blog post published by the young researcher on May 22. Adhikary has been appointed on a contractual basis as an engineer in IIT Kanpur’s cybersecurity team.
“Nisarga Adhikary has been appointed as an engineer in our cybersecurity team. A few years ago, we had similarly recruited a couple of young engineers for the same team. I am not sure whether he is the youngest recruit at IIT Kanpur, but he is certainly among the youngest engineers to have been hired by the institute,” Agrawal said.
What Will Nisarga Adhikary Do At IIT Kanpur?
Nisarga, who cleared his Class 12 examinations this year, will be responsible for analysing actionable information from publicly available sources and identifying vulnerabilities in websites and applications. His work will help organisations detect, address and patch potential security flaws. Officials said his responsibilities will focus on OSINT and threat intelligence-related activities under the institute’s cybersecurity initiatives.
“I am excited about this opportunity because it is the first time I will be working in a security-focused role. In my earlier jobs, I primarily worked as a software engineer, while cybersecurity was more of a hobby,” Nisarga told Hindustan Times.
He added that neither of his parents work in the cybersecurity field and both are employed in the finance sector.
“I started coding when I was six or seven years old, but I became seriously involved in cybersecurity and began participating in Capture the Flag (CTF) and other cybersecurity competitions when I was in Class 6,” he said.
Who Is Nisarga Adhikary?
Adhikary’s professional biography describes him as, “currently doing osint & threat intelligence @ iit kanpur. previously worked with antler and several venture-backed startups backed by leading global vcs. security researcher whose work has been featured by international media and recognized across the cybersecurity community.”
His profile further describes him as a software engineer, full-stack developer, cybersecurity researcher and open-source enthusiast.
According to gis bio on LinkedIn, he primarily works with Golang, TypeScript, Python, Rust and some Zig. He also enjoys building side projects, automating workflows and exploring security edge cases. The profile notes that he has participated in Capture the Flag competitions for several years, focusing mainly on web, pwn and OSINT challenges.
What Nisarga Adhikary Found On CBSE Portal
The vulnerabilities identified by Adhikary form one part of a broader controversy surrounding the adoption of on-screen marking systems. In a detailed blog post published on his website and shared on X on May 22, Adhikary claimed he had discovered multiple critical vulnerabilities in CBSE’s On-Screen Marking portal in February and reported them to the Indian Computer Emergency Response Team (CERT-In).
According to him, several of the identified issues allegedly remained unresolved for months.
In his blog, Adhikary stated that he reported the vulnerabilities to CERT-In on February 25.
As previously reported by Hindustan Times on June 6, he identified five critical flaws in the OSM portal. Among them was the storage of a master password in plain text, which allegedly allowed users to bypass two-factor authentication entirely.
He said he informed CERT-In about the vulnerabilities, but only one issue was patched while the remaining flaws continued to exist until the portal was eventually taken down.
What Nisarga Adhikary Said About His Role At IIT Kanpur
Both Adhikary and IIT Kanpur officials declined to disclose details of his remuneration. However, the young engineer told HT that the compensation was lower than he had anticipated.
“The salary is decent, but I was expecting a bit more. I’m used to working on projects and with companies based in the US, and I do miss the financial advantage that comes with earning in dollars because of the USD-INR conversion,” he said.
Adhikary also said that he is not planning to pursue higher education immediately.
“I want to work on building startups and products which people use. I am not much interested in academia,” he said.
Also Read: CBSE Class 12 Re-evaluation 2026 Window Closes: When Will Revised Results Be Released?
Zubair Amin is a Senior Journalist at NewsX with over seven years of experience in reporting and editorial work. He has written for leading national and international publications, including Foreign Policy Magazine, Al Jazeera, The Economic Times, The Indian Express, The Wire, Article 14, Mongabay, News9, among others. His primary focus is on international affairs, with a strong interest in US politics and policy. He also writes on West Asia, Indian polity, and constitutional issues. Zubair tweets at zubaiyr.amin
