Mastodawn

Eek. If you've used Google Maps or Firebase and shipped your key to your client (which, to be clear, Google promised was safe) AND you’ve enabled the Gemini API, you could be in trouble: https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules

Google API Keys Weren't Secrets. But then Gemini Changed the Rules. ◆ Truffle Security Co.

Google spent over a decade telling developers that Google API keys (like those used in Maps, Firebase, etc.) are not secrets. But that's no longer true.