Hosted on MSN

Experts find Google API keys are still usable, even after you delete them

Aikido researchers find Google API keys remain usable for up to 23 minutes after deletion Success rates varied across trials, with Gemini‑enabled projects especially vulnerable to stolen files and ...
Infosecurity-magazine.com

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform. According to a CloudSEK advisory published on April 8, the issue affects ...
Dark Reading

Google API Keys Remain Active After Deletion

Google API keys aren't completely inactive after users delete them, giving attackers a small but significant window to continue abusing them. Joe Leon, researcher at Belgian startup Aikido Security, ...