CPO Magazine

Researchers Warn Benign Google API Keys Could be Exploited to Rack Up Gemini AI Bills

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat actors after gaining Gemini AI authorization permissions, in a destructive ...
Blockonomi

OpenClaw API Integration Is Live in the Crypto.com App: Here’s What Traders Need to Know

Crypto.com launches OpenClaw API integration, enabling AI-powered trading agents with custom budgets, permissions, and trade approvals.

A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
InfoWorld

‘Silent’ Google API key change exposed Gemini AI data

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...
Windows Report

Hackers Could Exploit Exposed Google API Keys to Access Gemini AI

Over 2,800 exposed Google API keys may allow unauthorized Gemini AI access, risking data leaks and massive API charges.

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...
Digiday

The Rundown: What YouTube creators should expect to change in 2026

On Jan. 21, YouTube CEO Neal Mohan released a lengthy blog post about what creators can expect in 2026, outlining upcoming changes poised to drastically affect creator experiences on the platform. The ...
Infosecurity-magazine.com

Vibe-Coded Moltbook Exposes User Data, API Keys and More

A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was ...
cryptopolitan

10,000 users’ OpenAI API keys have found stolen by fake Chrome AI extension

A Chrome extension posing as an AI assistant exposed more than 10,000 users, secretly harvesting OpenAI API keys and sending data to attacker-controlled servers. Researchers say at least 459 API keys ...
financefeeds

Flow Traders Integrates Sodot API Key Security Layer for Crypto Trading

Flow Traders has integrated a new exchange API key management system into its crypto trading infrastructure, responding to growing concern over operational risks tied to automated trading. The ...
CoinTelegraph

Viral AI assistant ‘Clawdbot’ risks leaking private messages, credentials

Cybersecurity researchers have raised red flags about a new artificial intelligence personal assistant called Clawdbot, warning it could inadvertently expose personal data and API keys to the public.