Nisarga Adhikary, the 19-year-old cybersecurity researcher who drew attention by flagging alleged flaws in the Central Board of Secondary Education’s on-screen marking system, has been hired by IIT Kanpur.
The institute has appointed him to its cybersecurity team at C3iHub, where he will work on analyzing publicly available information and identifying vulnerabilities in websites and applications.
Adhikary has been hired as an open-source intelligence and threat intelligence engineer on a contractual basis. The role marks his first full-time opportunity in a dedicated cybersecurity environment.
Also Read | Vinimay explained: How India’s new digital land port system aims to transform border trade and security
@ni5arga didn't wait for a placement season.
— Pranav (@pranav_cool) June 11, 2026
He solved a real problem.
IIT Kanpur noticed.
That's the future of hiring. pic.twitter.com/zzc41asFGA
Not quite the king's ransom
Adhikary said the salary was lower than he had expected.
“The salary is decent, but I was expecting a bit more,” he told HT, adding that he had grown used to working on projects and with companies based in the US and missed the financial advantage that comes with earning in dollars because of the USD-INR conversion.
IIT Kanpur director Manindra Agrawal said he reached out to Adhikary after reading his blog post on the CBSE portal.
Agrawal described him as one of the youngest engineers to have been hired by the institute and said IIT Kanpur had previously recruited young engineers for the same cybersecurity team.
Agrawal added, Adhikary’s joining would give him an opportunity to strengthen his capabilities while contributing to cybersecurity and threat intelligence work at C3iHub.
Big Win for Ethical Hacking!
— Strategem360 (@strategem360) June 11, 2026
19-year-old Nisarga Adhikary from Siliguri, who responsibly exposed critical security flaws in CBSE’s OSM (On-Screen Marking) system - including master password leaks, OTP bypass, and more - has been hired by IIT Kanpur as an OSINT & Threat…
The findings that sparked attention
Adhikary first came into public focus after he claimed to have found multiple vulnerabilities in CBSE’s OSM system, which was introduced for the evaluation of Class 12 board exam answer sheets.
The issues he reported included OTP bypass, unauthorized access to examiner accounts through a hardcoded master password, and the possibility of accessing millions of students’ answer sheets.
Adhikary began examining the portal after seeing criticism of the new system and studying publicly accessible code loaded in browsers. CBSE, however, has maintained that the flaws were limited to a testing portal and did not affect the actual evaluation system.
Also Read | Precision, vigilance, dominance: INS Dunagiri gets its battle badge as Navy gears up for commissioning
An uncomfortable spotlight
The controversy also prompted broader scrutiny of the portal’s security.
A member of an IIT panel reviewing CBSE’s post-result ecosystem said the OSM portal had not been comprehensively tested for functionality, security weaknesses, and potential risks before deployment, although the panel member added that there was no evidence student records had been leaked or misused.
The portal was created and managed by the private IT service provider Coempt Eduteck.
FAQs
Q1: Who is Nisarga Adhikary?
Ans: Nisarga Adhikary is a 19-year-old cybersecurity researcher who came into the spotlight after reporting alleged vulnerabilities in CBSE's on-screen marking system.
Q2: What role has Nisarga Adhikary been offered at IIT Kanpur?
Ans: IIT Kanpur has hired Adhikary as an open-source intelligence and threat intelligence engineer at its cybersecurity hub, C3iHub.
