BBC · Channel 5 · KTLA · TV Subject Matter Expert

Ax
Sharma

Security researcher, journalist, and TV expert. Head of Research at Manifold Security. Malware analyst, threat intelligence researcher, and contributor to BleepingComputer, CSO Online, and 50+ global outlets.

Read latest research TV & speaking
Scroll
As seen in
WIRED TechCrunch Ars Technica BleepingComputer BBC Channel 5 KTLA Fortune Business Insider Cyberscoop CSO Online Mail Online Daily Express
50+
Media mentions
700+
Published articles
15+
TV appearances
10+
Years in security
About

Security is a beat,
not a buzzword.

Ax Sharma is a UK-based security researcher and journalist with over 10 years tracking malware campaigns, supply chain attacks, and cybercrime operations. His work spans everything from dissecting novel infostealer variants to investigating underground ransomware groups — with findings that have been picked up by broadcasters and journalists worldwide.

Currently Head of Research at Manifold Security, where he established and leads the R&D function — defining research strategy across AI supply chain integrity and agentic action-layer security, architecting detection pipelines for MCP servers and AI agent skills, designing multi-dimensional scoring frameworks for runtime risk from AI assets, and directing a specialised team of security researchers. Parallel contributor to BleepingComputer and CSO Online.

Previously Senior Security Researcher at Sonatype, where he published 700+ technical analyses on open source supply chain threats. Member of the British Association of Journalists and Canadian Association of Journalists. M.S. Computer Science, Georgia Tech.

Malware analysis & reverse engineering
AI agent & supply chain security
Threat intelligence research
Vulnerability disclosure
Tech journalism & investigation
TV & media commentary
Conference speaking
TV & Speaking

On-screen expertise,
prime-time reach.

Ax Sharma on the BBC Rip-Off Britain studio set with skyline view
BBC One
Rip-Off Britain
Season 17 · Multiple episodes · Cybersecurity expert
 Channel 5 Scams: Don't Get Caught Out! show page
Channel 5
Scams: Don't Get Caught Out!
6 episodes · Prime-time documentary series · SME
 Ax Sharma on BBC iPlayer – Victims of Ukraine War Scammers documentary
BBC World News
Victims of Ukraine War Scammers
BBC documentary · Cybercrime investigation
 Ax Sharma on KTLA 5 Morning News discussing new AI tools
KTLA 5 · Los Angeles
Morning News
Live expert commentary · AI tools & cybersecurity
 Ax Sharma live from the BBC London Newsroom in a split-screen interview
BBC News
Live TV segment on tracking threat actor footsteps
London Newsroom · Live expert commentary
 Ax Sharma on stage at Infosecurity Europe London delivering a Tech & Strategy talk
Infosecurity Europe
InfoSec Europe London
Tech & Strategy Talks · Threat landscapes keynote

Also featured on BBC iPlayer, BBC Radio, YouTube, and Spotify as a cybersecurity subject matter expert. Available for media commentary, broadcast appearances, and conference keynotes — get in touch.

Latest writing

Recent research
& reporting.

BleepingComputer
Attackers abuse Google Ads and Claude.ai shared chats to distribute macOS infostealer malware
May 2026
Manifold Security
30 ClawHub Skills are quietly recruiting your AI agent into a crypto swarm
Apr 2026
CSO Online
The Defender's Dilemma: when AI safety constrains defenders more than attackers
Apr 2026
BleepingComputer
IRS-authorized efile.com tax return software caught serving JS malware
2022
Sonatype
CursedGrabber: novel npm malware family — first public analysis
2021
View all research →
Responsible disclosure

Vulnerabilities
reported & fixed.

HM Government
Gibraltar law portal SQL injection
Allowed unauthorised modification of legislation · Via The Register
US DHS / CISA
Department of Homeland Security vulnerability
Coordinated disclosure · Federal infrastructure
Yodel UK
Customer data exposure
National courier · Via The Register
Comcast / Arris
Router/modem security vulnerability
Consumer infrastructure · ISP-level impact · CVE-2018-10990 · CVE-2018-10989
Planet Fitness
Membership validation bypass
US gym chain · Client-side validation flaw
P.F. Chang's / Buca di Beppo
Restaurant chain security issues
Consumer-facing · Responsible disclosure
Get in touch

Media, speaking
& research enquiries.

Available for commentary, broadcast appearances, and keynotes — ax [at] axsharma.com
Have a tip or story lead? Send it via BleepingComputer's tip line (Attn: Ax).

LinkedIn Bluesky X / Twitter YouTube