Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google Gemini leaked API key mitigation

Advisory/Mitigation
First reported
Last updated
Happening score
H score 73
2 unique sources, 2 articles

Summary

Hide ▲

Google is rolling out mitigations for leaked API keys that can reach Gemini API data, reducing the risk of unauthorized access and usage charges. New AI Studio keys will default to Gemini-only scope, and leaked keys will be blocked from accessing Gemini. Google also says it will send proactive notifications when leaks are detected.

Related Happenings

IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays

Technical Analysis
H score27 First: 30.06.2026 16:49 Last: 30.06.2026 16:49 Sources 1

About this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...

Google Cloud Platform API key revocation testing finds minutes-long post-deletion authentication

Technical Analysis
H score16 First: 21.05.2026 23:07 Last: 21.05.2026 23:07 Sources 1

About this happening: Testing showed **deleted Google Cloud Platform API keys** could still authenticate for **minutes after revocation**, creating a post-deletion abuse window that weakens **incident...

Google Gemini CLI workspace-trust hardening update

Security Patch Release
H score44 First: 30.04.2026 10:07 Last: 30.04.2026 10:07 Sources 1

About this happening: Google released a **Gemini CLI** security update that changes **workspace-trust handling** for **headless CI workflows**, reducing the risk that untrusted folders can trigger **ho...

Google Android Advanced Flow adds safer APK sideloading for unverified developers

Security Tool/Service
H score11 First: 21.03.2026 16:18 Last: 21.03.2026 16:18 Sources 1

About this happening: **Google** is rolling out **Advanced Flow** on **Android** to let power users sideload APKs from **unverified developers** with more friction and warnings, reducing the risk of **...

Perseus IPTV-lure distribution campaign targeting Europe and the Middle East

Campaign
H score36 First: 19.03.2026 14:43 Last: 19.03.2026 14:43 Sources 1

About this happening: The **Perseus** distribution campaign is actively pushing **Android malware** through **phishing sites** and **IPTV-lure apps**, increasing the risk of **device takeover** and **f...

Timeline

  1. 26.02.2026 02:00 2 articles · 4mo ago

    Google rolls out Gemini key scoping and leak blocking controls

    Mitigation Patch Update

    On February 26, 2026, Google said it had already implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API, and stated that new AI Studio keys will default to Gemini-only scope while leaked keys will be blocked from Gemini.

    Show sources
  2. 13.01.2026 02:00 1 articles · 5mo ago

    Google classifies the exposed key issue as single-service privilege escalation

    Technical Analysis Update

    On January 13, 2026, Google classified the exposed Gemini-capable key issue as "single-service privilege escalation" after a long exchange with the researchers, formalizing the risk that a public Google Cloud API key could be reused against Gemini.

    Show sources
  3. 21.11.2025 02:00 1 articles · 7mo ago

    TruffleSecurity notifies Google about exposed Gemini-capable API keys

    Initial Disclosure

    TruffleSecurity informed Google on November 21, 2025 after finding Google API keys exposed in public JavaScript that could be copied from a website's page source and used to authenticate to Gemini, giving access to private data and billable API usage.

    Show sources