{"data":{"id":"b16a911e-be9c-4c22-a0d3-347af1f419c2","title":"Previously harmless Google API keys now expose Gemini AI data","summary":"Google API keys (credentials that allow developers to access Google services) that were previously safe to expose online became dangerous when Google introduced its Gemini AI assistant, because these keys could now be used to authenticate to Gemini and access private data. Researchers found nearly 3,000 exposed API keys on public websites, and attackers could use them to make expensive API calls and drain victim accounts by thousands of dollars per day.","solution":"Google has implemented the following measures: (1) new AI Studio keys will default to Gemini-only scope, (2) leaked API keys will be blocked from accessing Gemini, and (3) proactive notifications will be sent when leaks are detected. Additionally, developers should check whether Generative Language API is enabled on their projects, audit all API keys to find publicly exposed ones, and rotate them immediately. The source also recommends using TruffleHog (an open-source tool that detects live, exposed keys in code and repositories) to scan for exposed keys.","labels":["security","privacy"],"sourceUrl":"https://www.bleepingcomputer.com/news/security/previously-harmless-google-api-keys-now-expose-gemini-ai-data/","publishedAt":"2026-02-26T20:55:29.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google","Gemini","Google Cloud API","Google Maps","YouTube","Firebase"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}