✦ RuntimeAI Blog

Security & Governance
for the Agentic Economy

Research, incident analysis, and technical deep-dives on AI agent security, post-quantum cryptography, and enterprise AI governance.

Incident Analysis Supply Chain
The Vercel Breach: Third-Party AI Tools Are the New Attack Vector

A stolen OAuth token from a compromised browser extension gave ShinyHunters access to Vercel's internal systems. Here's the full kill chain — and how autonomous AI security governance stops every stage before damage scales.

RuntimeAI Team April 22, 2026 7 min read Read →
eSign Demo
From Markdown to Signed NDA in 60 Seconds

No PDF editor. No drag-and-drop field placement. Drop {{RTAI:Signer1:Signature}} placeholders in your Markdown, make one API call, and get back signing URLs and a stamped executed PDF.

Roshan Shaik April 20, 2026 6 min read Read →
Weekly Digest AI Security
RuntimeAI Weekly AI Security Digest — OpenClaw, Mercor, Azure MCP, SANS Top 5

824 malicious OpenClaw skills. A $10B startup breached via a 40-minute PyPI window. Microsoft's own MCP server with zero auth. This is the week AI agent security became everyone's problem.

Roshan Shaik April 16, 2026 8 min read Read →
Post-Quantum Security
Harvest Now. Decrypt Later. Why World Quantum Day Matters More Than Q-Day

Everyone is asking when quantum computers will break encryption. That's the wrong question. The real threat is already here — adversaries are harvesting encrypted data today to decrypt it in 2035.

Roshan Shaik April 14, 2026 7 min read Read →
Incident Analysis Supply Chain
The LiteLLM Supply Chain Attack: Why Defense in Depth Is the Only Strategy

On March 24, 2026, LiteLLM was compromised on PyPI. For 3 hours, pip install delivered credential-stealing malware to thousands of enterprises. Here's the full kill-chain analysis.

Roshan Shaik March 25, 2026 9 min read Read →

Get the weekly AI security digest

Incident roundups, threat analysis, and governance insights — every week.