The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...
Dark Reading

How Do I Protect My API Keys From Appearing in Search Results?

Question: How do I keep my API keys from becoming part of someone else's GitHub search? Answer: Storing API keys directly in your code is generally not recommended due to the potential security risks.

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
Hosted on MSN

I centralized all my API keys and secrets in this free password vault

The more I dive into the world of home labs and self-hosting, the more I realize one thing. Far too many of my secrets are stored in plaintext in Dockerfiles, k8s, virtual machines, and the other ...
Pusula

I discovered 40+ live AI API keys on GitHub Gists. Here’s what I found.

The other day, I was working on a side project, minding my own business, when I stumbled upon a code snippet on GitHub Gists. As I skimmed through the snippet, a random thought struck me: What would ...