Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...
GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...
Search Engine Land

Google clarifies API key process for local inventory feeds

Google simplified the process for merchants to obtain API keys for local inventory feeds, clearing a hurdle to faster Shopping integration. After months of merchant frustration over securing the ...
Bleeping Computer

Latest API Key news

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Close to 12,000 valid secrets that ...
Hosted on MSN

Dev stunned by $82K Gemini bill after unknown API key thief goes to town

A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.… "I am in a state of ...
News9Live on MSN

Google Cloud warns of AI security risks as Gemini API controversy grows

Google Cloud COO Francis de Souza has warned that AI security can no longer be treated as an afterthought as cyber threats ...
GIGAZINE

Researchers have confirmed that leaked Google API keys may remain usable for approximately 23 minutes after deletion.

API keys are authentication credentials that apps and services use to access APIs such as Google Cloud, and if they are leaked, they can be misused by third parties. Typically, when developers notice ...