
Google API keys Gemini single-service privilege-escalation flaw

Vulnerability
Happening score: 42
3 unique sources, 3 articles

Summary


Google API keys exposed in public code became a Gemini authentication weakness, allowing copied keys to reach private data and incur API charges on victim accounts. The risk applies to projects that left keys visible in page source or JavaScript while enabling Gemini (Generative Language API). Google later classified the flaw as single-service privilege escalation and began blocking leaked keys from Gemini access.
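The exposure described above starts with a key sitting in page source or bundled JavaScript, so the practical check is to scan client-side assets for embedded Google API keys before they ship, then confirm each key found is restricted to the APIs that page actually needs. The following is an added example, not code from the page, from TruffleSecurity or from Google; it assumes the documented key shape ('AIza' followed by 35 URL-safe characters) and uses a constructed sample page with fake keys.

```python
"""Added example, not code from the page or from TruffleSecurity/Google:
flag Google API keys embedded in client-side source before they ship.
Assumed: keys use the documented 'AIza' prefix plus 35 URL-safe chars;
SAMPLE_PAGE is constructed for the demo."""
import re
from dataclasses import dataclass
from typing import List

GOOGLE_API_KEY_RE = re.compile(r"AIza[0-9A-Za-z_\-]{35}")  # assumed key shape

@dataclass(frozen=True)
class Finding:
    key: str      # full key, needed for the revoke/restrict follow-up
    line: int     # 1-based line in the scanned source
    context: str  # the offending line with the key value redacted

def redact(text: str) -> str:
    """Keep only the first 8 characters of each key so reports don't re-leak it."""
    return GOOGLE_API_KEY_RE.sub(lambda m: m.group(0)[:8] + "...", text)

def scan_source(text: str) -> List[Finding]:
    """Return one Finding per key occurrence in HTML/JS source text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in GOOGLE_API_KEY_RE.finditer(line):
            findings.append(Finding(match.group(0), lineno, redact(line.strip())))
    return findings

def unique_keys(findings: List[Finding]) -> List[str]:
    """Distinct keys to check against the project's API restrictions."""
    return sorted({f.key for f in findings})

# Constructed sample: a Maps embed plus a Firebase config whose key the page
# also sends to the Generative Language API, i.e. a key that is Gemini-enabled.
FAKE_MAPS_KEY = "AIzaSy" + "A" * 33
FAKE_FIREBASE_KEY = "AIzaSy" + "B" * 33
SAMPLE_PAGE = f"""<script src="https://maps.googleapis.com/maps/api/js?key={FAKE_MAPS_KEY}"></script>
<script>
  const firebaseConfig = {{ apiKey: "{FAKE_FIREBASE_KEY}" }};
  fetch("https://generativelanguage.googleapis.com/v1beta/models?key=" + firebaseConfig.apiKey);
</script>
"""

if __name__ == "__main__":
    for f in scan_source(SAMPLE_PAGE):
        print(f"line {f.line}: {f.context}")
```

A hit is not automatically a bug, since browser keys are public by design; the finding is actionable when the key is enabled for APIs such as the Generative Language API that the page does not need, or lacks HTTP-referrer restrictions.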

Related Happenings

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Android 17 expands platform security and privacy protections

Security Tool/Service
First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Open-source admin tool zero-day 2FA bypass exploitation wave

Exploitation Wave
First: 11.05.2026 18:45 Last: 11.05.2026 18:45 Sources 1

About this happening: Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...

Google expands Binary Transparency for Android for production app verification

Security Tool/Service
First: 06.05.2026 12:13 Last: 06.05.2026 12:13 Sources 1

About this happening: Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...

Gemini CLI workspace trust RCE flaw

Vulnerability
First: 30.04.2026 10:07 Last: 30.04.2026 10:07 Sources 1

About this happening: Google has fixed **Gemini CLI** and **google-github-actions/run-gemini-cli** flaws that let **untrusted workspace content** trigger **arbitrary commands on the host** in **CI/head...

Timeline

  1. 26.02.2026 22:55 1 article · 2mo ago

    TruffleSecurity informs Google about exposed Google API keys

    Initial Disclosure

    TruffleSecurity notified Google that publicly exposed Google API keys in client-side code could be copied from page source and reused against Gemini, creating private-data access and billing abuse risk.

  2. 26.02.2026 22:55 1 article · 2mo ago

    Google classifies the Gemini API key flaw as single-service privilege escalation

    Legal Policy Action Update

    After a long exchange with the researchers, Google formally classified the exposed-key flaw as single-service privilege escalation, reflecting an official vendor determination about the security impact of Google API keys reaching Gemini.

  3. 26.02.2026 02:00 3 articles · 3mo ago

    TruffleSecurity reports more than 2,800 exposed Google API keys and Google says it is blocking leaked keys

    Technical Analysis Update

    TruffleSecurity scanned the November 2025 Common Crawl dataset and found more than 2,800 live Google API keys publicly exposed in code, including keys used by Maps, YouTube embeds, and Firebase. Google said it had worked with the researchers, implemented proactive measures to detect and block leaked API keys from Gemini access, and planned Gemini-only defaults for new AI Studio keys.
