English-learning app user audio exposure via Gemini Files API
Data Leak
Summary
A confirmed Gemini Files API exposure let user-uploaded audio files from an English-learning app be retrieved, showing that exposed keys can surface private user content. The retrieved material included file metadata, timestamps, and accessible links, which increases the risk that sensitive data can be enumerated without consent. The case matters because the same access path could reveal other private files stored behind the same keys.
Related Happenings
Cursor local SQLite secret-storage exposing credentials security flaw
Vulnerability
First: 29.04.2026 18:00
Last: 29.04.2026 18:00
Sources 1
About this happening:
A **high-severity** **Cursor** flaw lets installed extensions read secrets stored locally, exposing **API keys** and **session tokens** without user interaction. The weakness stem...
Google API keys Gemini single-service privilege escalation privilege-escalation flaw
Vulnerability
First: 26.02.2026 22:55
Last: 26.02.2026 22:55
Sources 1
How related:
CloudSEK found that when the Gemini API is enabled in a Google Cloud project, existing keys automatically gain access to AI endpoints without notification or user consent.
About this happening:
**Google API keys** exposed in public code became a **Gemini authentication weakness**, allowing copied keys to reach **private data** and incur **API charges** on victim accounts...
Global Profit / MC Profit Always exposed phishing repository leak
Data Leak
First: 25.02.2026 01:57
Last: 25.02.2026 01:57
Sources 1
About this happening:
An exposed repository tied to **Global Profit / MC Profit Always** leaked an **SQL database** and **Telegram webhook logs**, exposing phishing-operator communications and infrastr...
Timeline
- 08.04.2026 19:00 · 2 articles
English-learning app audio files exposed through Gemini Files API
Victim Impact Update: Exposed Google API keys enabled retrieval of user-uploaded audio files from an English-learning app through the Gemini Files API, and the retrieved content included file metadata, timestamps, and accessible links. The same access path shows how Gemini-enabled Google Cloud projects can expose private content and create unauthorized API usage and cost risk.
- Google API Keys Quietly Gain Access to Gemini on Android Devices — www.infosecurity-magazine.com — 08.04.2026 19:00
- Google API Keys Quietly Gain Access to Gemini on Android Devices — www.infosecurity-magazine.com — 08.04.2026 19:00