Mastodawn

FYI: Google API keys hiding in plain sight now unlock Gemini AI: Google API keys embedded in public code now expose Gemini AI access and billing risk after researchers found 2,800 live keys in a November 2025 crawl. Here's what changed and why it matters. https://ppc.land/google-api-keys-hiding-in-plain-sight-now-unlock-gemini-ai/ #GoogleAPI #GeminiAI #Cybersecurity #DataPrivacy #APIKeys

Google API keys weren't secrets - until Gemini changed the rules

TruffleSecurity found 2,863 live Google API keys in public code now granting Gemini AI access. A detailed look at the flaw, the disclosure fight, and what changed.

PPC Land

PPC Land Mar 2

ICYMI: Google API keys hiding in plain sight now unlock Gemini AI: Google API keys embedded in public code now expose Gemini AI access and billing risk after researchers found 2,800 live keys in a November 2025 crawl. Here's what changed and why it matters. https://ppc.land/google-api-keys-hiding-in-plain-sight-now-unlock-gemini-ai/ #GoogleAPI #GeminiAI #CyberSecurity #DataBreach #TechNews

Google API keys weren't secrets - until Gemini changed the rules

TruffleSecurity found 2,863 live Google API keys in public code now granting Gemini AI access. A detailed look at the flaw, the disclosure fight, and what changed.

PPC Land

PPC Land Mar 1

Google API keys hiding in plain sight now unlock Gemini AI: Google API keys embedded in public code now expose Gemini AI access and billing risk after researchers found 2,800 live keys in a November 2025 crawl. Here's what changed and why it matters. https://ppc.land/google-api-keys-hiding-in-plain-sight-now-unlock-gemini-ai/ #GoogleAPI #GeminiAI #Cybersecurity #DataPrivacy #TechNews

Google API keys weren't secrets - until Gemini changed the rules

TruffleSecurity found 2,863 live Google API keys in public code now granting Gemini AI access. A detailed look at the flaw, the disclosure fight, and what changed.

PPC Land

AllAboutSecurity Mar 1

Google API-Schlüssel als ungewollte Gemini-Zugangsdaten

IT-Sicherheitsforscher haben rund 2.800 aktiv nutzbare Google API-Schlüssel im öffentlichen Internet aufgedeckt, die ursprünglich für Kartendienste oder Firebase gedacht waren und nun uneingeschränkten Zugriff auf die Gemini-KI ermöglichen — ohne dass die betroffenen Entwickler je darüber informiert wurden.

https://www.all-about-security.de/google-api-schluessel-als-ungewollte-gemini-zugangsdaten/

#google #googleapi #api #gemini #ki

Google API-Schlüssel als ungewollte Gemini-Zugangsdaten

Öffentliche Google API-Schlüssel gewähren unbemerkt Zugriff auf die Gemini-KI. Forscher identifizierten 2.800 aktive Schlüssel im Netz.

All About Security Das Online-Magazin zu Cybersecurity (Cybersicherheit). Ransomware, Phishing, IT-Sicherheit, Netzwerksicherheit, KI, Threats, DDoS, Identity & Access, Plattformsicherheit

decio Feb 26

Si vous utilisez une clé API Google Maps/Firebase sur votre site, sachez que ce n’est plus une clé “publique”.

Pendant des années #Google disait que les clés API (AIza…) pouvaient être mises dans le code sans problème.
Mais aujourd’hui ces mêmes clés peuvent aussi donner accès à Gemini.

👉 Une clé visible dans le JavaScript du site peut permettre :

d’utiliser du LLM à vos frais 💸
d’accéder à certaines données du projet
de faire des requêtes API non prévues

En clair : une clé Maps publique peut devenir une clé d’accès à votre projet Cloud.

✔️ À vérifier :

Restreindre les clés API (API + domaines/IP)
Désactiver Gemini si inutile
Régénérer les vieilles clés

[Source originale]
"Google API Keys Weren't Secrets. But then Gemini Changed the Rules."
👇
https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules

[Article FR par Korben]
"Clés API Google - 3000 clés publiques donnent accès à Gemini"
👇
https://korben.info/google-api-keys-gemini-secrets.html

💬
⬇️
https://infosec.pub/post/42624972

#CyberVeille #googleapi

Google API Keys Weren't Secrets. But then Gemini Changed the Rules. ◆ Truffle Security Co.

Google spent over a decade telling developers that Google API keys (like those used in Maps, Firebase, etc.) are not secrets. But that's no longer true.

sayzard Feb 24

[개인용 AI 에이전트 구축기: OpenClaw를 활용한 가족 비서 'Stella'와 구글 계정 정지 사건

OpenClaw 프레임워크를 활용해 가족 비서 AI 에이전트 'Stella'를 구축한 사례와 구글 계정 정지 사건에 대한 분석. AI 에이전트의 기술적 한계와 해결 방안을 제시하며, '감독된 에이전트' 인증 계층의 필요성을 강조한다.

https://news.hada.io/topic?id=26952

#aiagent #openclaw #automation #googleapi #smarthome

개인용 AI 에이전트 구축기: OpenClaw를 활용한 가족 비서 'Stella'와 구글 계정 정지 사건

<h4>핵심 요약</h4> <ul> <li> <strong>OpenClaw</strong> 프레임워크를 사용하여 캘린더 관리, 이메일 모니터링, 스마트 홈 제어가 가능한 개인용...

GeekNews

Tom's Hardware Italia Dec 17

🚀 La nuova API Interactions di Google cambierà il gioco per gli sviluppatori! Innovazione e convenienza come mai prima d'ora. #GoogleAPI #InnovationTech

🔗 https://www.tomshw.it/business/google-lancia-lapi-interactions-per-gli-agenti-ai-2025-12-17

La nuova API Interactions di Google è una svolta per gli sviluppatori

Gestione dello stato lato server, esecuzione in background e supporto MCP per agenti AI autonomi

Tom's Hardware

AI Daily Post Dec 12

Disney is betting a billion dollars on its new Sora characters, a bold move that could reshape the AI landscape and put pressure on Google’s API push via Apigee. How will Meta and even Llama 4 react? Dive into the details. #DisneyAI #Sora #GoogleAPI #Llama4

🔗 https://aidailypost.com/news/disney-pours-usd-1-billion-into-sora-characters-challenging-googles

N-gated Hacker News Sep 25

🚀 Wow, #Ollama just discovered the groundbreaking concept of...web search! 🌐 Now you can dazzle your #AI models with the power of Google 2.0—err, I mean Ollama’s REST API. 🤖✨ Because your hallucinating AI needs a reality check, Ollama-style! 🔍🙃
https://ollama.com/blog/web-search #WebSearch #GoogleAPI #Innovation #HackerNews #ngated

Web search · Ollama Blog

A new web search API is now available in Ollama. Ollama provides a generous free tier of web searches for individuals to use, and higher rate limits are available via Ollama’s cloud.