US EditionPreviously harmless Google API keys now expose Gemini AI data
7 Articles
7 Articles
The Google API keys were not secret, but Gemini has changed the rules because it uses the same keys to access your data, a hacker can access your data and charge you the use of LLM Truffle Security has analyzed millions of websites and found nearly 3,000 Google API keys, initially deployed for public services such as Google Maps, which now also authenticate Gemini, even if they were not intended for that use. With a valid key, a hacker...
CSO Online
‘Silent’ Google API key change exposed Gemini AI data
Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from Truffle Security recently discovered. According to a Common Crawl scan of websites carried out by the company in November, there were 2,863 live Google API keys that left organizations exposed. This included “major financial institutions, security co…
Google has stated that API keys for services like Firebase and Google Maps are "safe to share," but Truffle Security has discovered that the same keys can be used to access Gemini, the administrator's account.
Previously harmless Google API keys now expose Gemini AI data - Cybernoz - Cybersecurity News
Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such keys while scanning internet pages from organizations in various sectors, and even from Google. The problem occurred when Google introduced its Gemini assistant, and developers started
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
