All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Security Researcher Discloses Critical Vulnerabilities in CBSE's On-Screen Marking Portal

By

dsr12

6d ago· 8 min readenInsight
Bagel score 90 of 100
90/100
Golden Brown
Bagelometer

Crackling crust, pillowy middle. The kind of bagel that earns a second cup of coffee.

Score90TypeanalysisSentimentnegative

Summary

A security researcher (ni5arga) discloses critical vulnerabilities discovered in CBSE's On-Screen Marking Portal, including authentication bypass and full account takeover flaws. The vulnerabilities were found on February 25, 2026, and reported to CERT-In. The article details the technical exploitation of the portal used by the Central Board of Secondary Education (India) for exam evaluation, highlighting serious security weaknesses in a government educational system.

Key quotes

· 3 pulled
I first posted a rough write-up of these vulnerabilities to r/CBSE using a throwaway reddit account, but I figured a proper write-up on my own blog would be a better home for it.
These vulnerabilities were initially discovered on 25 February 2026 and were promptly reported to CERT-In.
The Central Board of Secondary Education (CBSE) is one of the largest national education boards in India.
Snippet from the RSS feed
thoughts about programming, security & life

You might also wanna read

How Electronic Passports Use Cryptography for Security and Authentication

This article explains how electronic passports (eMRTDs) function as embedded devices with filesystems and cryptographic protocols. It detail

blog.trailofbits.com·7mo ago

The AI Backlash: Students and the Growing Resistance to Artificial Intelligence

This article discusses the growing backlash against AI, particularly among university students who feel that large language models have deva

tickettailor.com·41m ago

How to download tweets from any public X account using Circleboom

This article provides a step-by-step guide on how to download tweets from any public X (formerly Twitter) account in bulk using Circleboom's

circleboom.com·1h ago

GitHub Bans Security Researcher Over Windows Zero-Day Exploit Code in YellowKey Dispute

Security researcher Nightmare-Eclipse reportedly lost his GitHub account after posting Windows zero-day exploit code related to the YellowKe

winbuzzer.com·3h ago

Assemblage Mapping as a Tool for Accountability in AI-Supported Legal Advice

This article examines how AI is reshaping legal advice at the infrastructure level, arguing that legally consequential guidance is increasin

slsa.ac.uk·3h ago

Why Jet Aircraft Use Generators Instead of Alternators for Electrical Power

This article explains why modern jet aircraft use generators instead of alternators for their electrical systems. It covers the fundamental

slashgear.com·3h ago