Ax Sharma

Security Researcher, Engineer, Tech Reporter

Speaking & Video

Cybersecurity Speaking, London and Vlog Series

I currently cover Sonatype’s Nexus Intelligence Insights Vulnerability of the Month video series, with our product and corporate marketing teams.

I’m available to speak on diverse Cybersecurity topics on vlogs and at public speaking events.

Nexus Intelligence Insights Video & Blog Series:

October 2020:

Featured speaker on NVTC’s Capital Cybersecurity Summit 2020.

[Recording available shortly]

Sonatype caught NodeJS malware exfiltrating IPs, username, and device information on GitHub

September 2020:

Nexus Intelligence Insights: “fallguys” npm package which is malware impersonating the popular Fall Guys game API

August 2020:

Nexus Intelligence Insights – CVE-2020-7699: From Prototype Pollution to full-on remote code execution, how can adversaries exploit npm modules?

Nexus User Conference 2020 – FULL LIVE presentation
Ax Sharma’s overview of Sonatype Security Research: The Inside Scoop


CVE-2020-17479 – jpv Fix Bypass discovered by Sonatype:
Co-authored with Sonatype Security Research Team:

July 2020:

CVE-2020-13935 – Apache Tomcat Websocket – Denial of Service (DoS): 

May 2020:

April 2020:

March 2020:

February 2020:

January 2020:

Hacker Noon stored XSS via SVGs:

September 2019:

June 2019:

April 2019:

Blog series: