Google Gemini leaked API key mitigation
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Google is rolling out mitigations for leaked API keys that can reach Gemini API data, reducing the risk of unauthorized access and usage charges. New AI Studio keys will default to Gemini-only scope, and leaked keys will be blocked from accessing Gemini. Google also says it will send proactive notifications when leaks are detected.
Related Happenings
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical Analysis
H score27
First: 30.06.2026 16:49
Last: 30.06.2026 16:49
Sources 1
About this happening:
**LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays
Technical AnalysisAbout this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...
Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication
Technical Analysis
H score16
First: 21.05.2026 23:07
Last: 21.05.2026 23:07
Sources 1
About this happening:
Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...
Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication
Technical AnalysisAbout this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...
Google Gemini CLI workspace-trust hardening update
Security Patch Release
H score44
First: 30.04.2026 10:07
Last: 30.04.2026 10:07
Sources 1
About this happening:
Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google Gemini CLI workspace-trust hardening update
Security Patch ReleaseAbout this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...
Google Android Advanced Flow adds safer APK sideloading for unverified developers
Security Tool/Service
H score11
First: 21.03.2026 16:18
Last: 21.03.2026 16:18
Sources 1
About this happening:
**Google** is rolling out **Advanced Flow** on **Android** to let power users sideload APKs from **unverified developers** with more friction and warnings, reducing the risk of **...
Google Android Advanced Flow adds safer APK sideloading for unverified developers
Security Tool/ServiceAbout this happening: **Google** is rolling out **Advanced Flow** on **Android** to let power users sideload APKs from **unverified developers** with more friction and warnings, reducing the risk of **...
Perseus IPTV-lure distribution campaign targeting Europe and the Middle East
Campaign
H score36
First: 19.03.2026 14:43
Last: 19.03.2026 14:43
Sources 1
About this happening:
The **Perseus** distribution campaign is actively pushing **Android malware** through **phishing sites** and **IPTV-lure apps**, increasing the risk of **device takeover** and **f...
Perseus IPTV-lure distribution campaign targeting Europe and the Middle East
CampaignAbout this happening: The **Perseus** distribution campaign is actively pushing **Android malware** through **phishing sites** and **IPTV-lure apps**, increasing the risk of **device takeover** and **f...
Timeline
-
26.02.2026 02:00 2 articles · 4mo ago
Google rolls out Gemini key scoping and leak blocking controls
Mitigation Patch UpdateOn February 26, 2026, Google said it had already implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API, and stated that new AI Studio keys will default to Gemini-only scope while leaked keys will be blocked from Gemini.
Show sources
- Previously harmless Google API keys now expose Gemini AI data — www.bleepingcomputer.com — 26.02.2026 22:55
- Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement — thehackernews.com — 28.02.2026 11:56
-
13.01.2026 02:00 1 articles · 5mo ago
Google classifies the exposed key issue as single-service privilege escalation
Technical Analysis UpdateOn January 13, 2026, Google classified the exposed Gemini-capable key issue as "single-service privilege escalation" after a long exchange with the researchers, formalizing the risk that a public Google Cloud API key could be reused against Gemini.
Show sources
- Previously harmless Google API keys now expose Gemini AI data — www.bleepingcomputer.com — 26.02.2026 22:55
-
21.11.2025 02:00 1 articles · 7mo ago
TruffleSecurity notifies Google about exposed Gemini-capable API keys
Initial DisclosureTruffleSecurity informed Google on November 21, 2025 after finding Google API keys exposed in public JavaScript that could be copied from a website's page source and used to authenticate to Gemini, giving access to private data and billable API usage.
Show sources
- Previously harmless Google API keys now expose Gemini AI data — www.bleepingcomputer.com — 26.02.2026 22:55