GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...

Threat hunters find Google API keys still usable 23 minutes after deletion

You know your Google API key has leaked so you rush to disable it before bad actors can start running up charges on your account. Bad news: According to security researchers at Aikido, people can use ...
cybernews

Google API keys keep working for up to 23 minutes after you delete them

When Gemini users delete Google API keys, those keys remain active for up to 23 minutes, giving attackers time to abuse them to dump data, cache conversations, and make API calls. Google “won’t fix” ...