SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...

Major Google Bug Triggers Gemini AI Leak in Google Pay for Business, Oyo Hotels and Other Apps: Report

For end users, this means any data shared with Gemini, such as documents, images, or audio, and stored in the Files API, can ...
Infosecurity Magazine

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform.

Google AI bug hits popular apps, leaving millions of users at risk

Google's new API key architecture has come under scrutiny due to significant security flaws that potentially expose user data ...

Millions of Android users at risk due to Gemini integration bug – these apps could be affected

Google’s Gemini integration in Android apps exposes sensitive API keys in popular apps, potentially risking user data and ...
News9Live on MSN

Google Gemini AI security flaw: 22 apps with 500M installs leak API access, says CloudSEK

A CloudSEK report reveals that 22 Android apps with over 500 million installs expose hardcoded API keys that can access ...
GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...
Bleeping Computer

Latest API Key news

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Close to 12,000 valid secrets that ...