Public Google API keys can be used to expose Gemini AI data | Malwarebytes

Previously safe Google Maps/Cloud API keys can now authenticate to Gemini AI, potentially exposing user data or incurring unexpected costs. Researchers found thousands of such keys in public code, highlighting a vulnerability where keys intended for billing identification now act as authentication credentials due to Gemini’s integration.