CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...

How Antigravity’s AI Subagents Are Reshaping Engineering Teams With Arcade

Antigravity Mission Control paired with Arcade.dev MCP runtime forms an autonomous AI engineering team that can execute tasks ...
Digital Trends

A simple coding mistake is exposing API keys across thousands of websites

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
CSOonline

‘Silent’ Google API key change exposed Gemini AI data

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...
Bitdefender

Leaked Google API keys can unlock Gemini API access and surprise bills

Google Cloud API keys have long appeared in public JavaScript to power Maps, YouTube embeds, analytics and Firebase features. Historically, many teams treated those strings as “ok to expose,” mainly ...
Windows Report

Hackers Could Exploit Exposed Google API Keys to Access Gemini AI

Google is facing renewed security scrutiny after researchers revealed that publicly exposed API keys can be abused to access Gemini AI services. The issue centers on Google API keys embedded in client ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...
cybernews

Hackers can exploit thousands of exposed Google API keys to access Gemini and steal data

Websites leak Google API keys. Apps leak Google API keys. Even code repositories are full of them. What used to be a nuisance is now letting attackers access your Gemini and sensitive data, security ...
CoinTelegraph

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Cybersecurity researchers have raised red flags about a new artificial intelligence personal assistant called Clawdbot, warning it could inadvertently expose personal data and API keys to the public.