Threat hunters find Google API keys still usable 23 minutes after deletion

You know your Google API key has leaked so you rush to disable it before bad actors can start running up charges on your ...

Google users fight for refunds as unauthorized API usage bills soar

EXCLUSIVE Several Google Cloud customers say their API keys have been compromised and used by bad actors to run inferencing ...
Cybernews

Google Cloud developers going bankrupt over Gemini API key abuse: hard spending caps now available

Developers are being hit with massive, unexpected charges, sometimes over $67,000, because Google’s budget alerts and fraud ...
Dark Reading

Google API Keys Remain Active After Deletion

A security researcher discovered the API keys can still be used for 23 minutes after deletion, even though the cloud provider ...
GIGAZINE

The API key that Google had announced as 'OK to publish' is also the Gemini authentication key, so there are a lot of websites that are leaking personal information

Google has stated that API keys for services like Firebase and Google Maps are 'safe to share,' but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's ...
Hosted on MSN

Hackers are using leaked Google API keys to 'go wild' with Gemini AI for free

Exposed Google API keys allow attackers to run unlimited Gemini AI requests Developers experience severe financial losses due to unauthorized access to AI infrastructure Hardcoded credentials elevate ...
heise online

Google's unprotected API keys a security and cost risk due to Gemini AI

Google is working to fix a problem with its API keys after security researchers pointed out possible misuse. This is because the keys for accessing Google's cloud services, such as Maps or Firebase, ...

Google Splits Its Agent Strategy For Two Developer Audiences

Google split its agent strategy at I/O 2026, giving developers a low-friction Antigravity on-ramp that scales up to a governed enterprise tier.