Hosted on MSN

Dev stunned by $82K Gemini bill after unknown API key thief goes to town

A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.… "I am in a state of ...
GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...
Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
Hosted on MSN

Google Gemini AI security flaw: 22 apps with 500M installs leak API access, says CloudSEK

New Delhi: A recent cybersecurity report has highlighted some serious concerns regarding the number of applications on Android that could be unknowingly opening access to potent AI systems. In a ...
Bleeping Computer

Latest API Key news

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Close to 12,000 valid secrets that ...
GIGAZINE

Researchers have confirmed that leaked Google API keys may remain usable for approximately 23 minutes after deletion.

API keys are authentication credentials that apps and services use to access APIs such as Google Cloud, and if they are leaked, they can be misused by third parties. Typically, when developers notice ...