Security researchers at Truffle Security have uncovered a critical flaw in Google’s API key system. Legacy public-facing Google API keys can quietly access sensitive Gemini AI endpoints without developer warnings. This exposes private files, cached data, and billable AI usage to attackers. The Hidden Upgrade Risk For years, Google advised developers to embed API keys […] The post Google API Key Misconfigurations Lead to Silent Data Exposure via Gemini appeared first on Cyber Security News.