
Google Gemini leaked API key mitigation

Advisory/Mitigation
H score 29
2 unique sources, 2 articles

Summary


Google is rolling out mitigations for leaked API keys that can reach Gemini API data, reducing the risk of unauthorized access and usage charges. New AI Studio keys will default to Gemini-only scope, and leaked keys will be blocked from accessing Gemini. Google also says it will send proactive notifications when leaks are detected.

Related Happenings

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Google Gemini CLI workspace-trust hardening update

Security Patch Release
First: 30.04.2026 10:07 Last: 30.04.2026 10:07 Sources 1

About this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...

Google Android Advanced Flow adds safer APK sideloading for unverified developers

Security Tool/Service
First: 21.03.2026 16:18 Last: 21.03.2026 16:18 Sources 1

About this happening: **Google** is rolling out **Advanced Flow** on **Android** to let power users sideload APKs from **unverified developers** with more friction and warnings, reducing the risk of **...

Perseus IPTV-lure distribution campaign targeting Europe and the Middle East

Campaign
First: 19.03.2026 14:43 Last: 19.03.2026 14:43 Sources 1

About this happening: The **Perseus** distribution campaign is actively pushing **Android malware** through **phishing sites** and **IPTV-lure apps**, increasing the risk of **device takeover** and **f...

Perseus Android malware family actively distributed in the wild

Malware Activity
First: 19.03.2026 14:43 Last: 19.03.2026 14:43 Sources 1

About this happening: The **Perseus** **Android malware** family is being actively distributed in the wild, putting infected devices at risk of **device takeover** and **financial fraud**. It spreads t...

Timeline

  1. 26.02.2026 02:00 2 articles · 3mo ago

    Google rolls out Gemini key scoping and leak blocking controls

    Mitigation Patch Update

    On February 26, 2026, Google said it had already implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API, and stated that new AI Studio keys will default to Gemini-only scope while leaked keys will be blocked from Gemini.

  2. 13.01.2026 02:00 1 article · 4mo ago

    Google classifies the exposed key issue as single-service privilege escalation

    Technical Analysis Update

    On January 13, 2026, Google classified the exposed Gemini-capable key issue as "single-service privilege escalation" after a long exchange with the researchers, formalizing the risk that a public Google Cloud API key could be reused against Gemini.

  3. 21.11.2025 02:00 1 article · 6mo ago

    TruffleSecurity notifies Google about exposed Gemini-capable API keys

    Initial Disclosure

    TruffleSecurity informed Google on November 21, 2025 after finding Google API keys exposed in public JavaScript that could be copied from a website's page source and used to authenticate to Gemini, giving access to private data and billable API usage.
