The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised ...

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
Dark Reading

How Do I Protect My API Keys From Appearing in Search Results?

Question: How do I keep my API keys from becoming part of someone else's GitHub search? Answer: Storing API keys directly in your code is generally not recommended due to the potential security risks.
CSO Online

‘Silent’ Google API key change exposed Gemini AI data

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on ...
Pusula

I discovered 40+ live AI API keys on GitHub Gists. Here’s what I found.

The other day, I was working on a side project, minding my own business, when I stumbled upon a code snippet on GitHub Gists. As I skimmed through the snippet, a random thought struck me: What would ...