The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Dark Reading

How Do I Protect My API Keys From Appearing in Search Results?

Question: How do I keep my API keys from becoming part of someone else's GitHub search? Answer: Storing API keys directly in your code is generally not recommended due to the potential security risks.
Ars Technica

How can I keep API keys out of source control?

This Q&A is part of a weekly series of posts highlighting common questions encountered by technophiles and answered by users at Stack Exchange, a free, community-powered network of 100+ Q&A sites. I’m ...

A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...
Hosted on MSN

I centralized all my API keys and secrets in this free password vault

The more I dive into the world of home labs and self-hosting, the more I realize one thing. Far too many of my secrets are stored in plaintext in Dockerfiles, k8s, virtual machines, and the other ...

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...