A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Bitdefender

Leaked Google API keys can unlock Gemini API access and surprise bills

Exposed Google Cloud API keys in public JavaScript may now authenticate Gemini API calls, risking data exposure and runaway ...

Google's unprotected API keys a security and cost risk due to Gemini AI

Security researchers have found nearly 3000 publicly visible Google API keys authorizing Gemini. This allows abusive access.
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...
CPO Magazine

Researchers Warn Benign Google API Keys Could be Exploited to Rack Up Gemini AI Bills

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat ...
GizChina

Unlock the Power of AI: A Step-by-Step Guide to Getting Your OpenAI API Key

Welcome to the future of artificial intelligence! OpenAI has revolutionized the AI landscape with its remarkable language models like ChatGPT and GPT-4. To harness the power of these AI models, you ...
Yardbarker

Another API Key Scam Steam Users Are Warned

Heads up, Steam users—there’s another scam making the rounds, and it’s got the community on high alert. A couple of days ago, Reddit user Wonderful_Sock_2838 posted a PSA to r/Steam about a fresh API ...