Previously harmless Google API keys now expose Gemini AI data

Google API keys embedded in client-side code can now authenticate to the Gemini AI assistant, enabling attackers who find exposed keys to access private data and make costly API calls. Researchers found nearly 3,000 live exposed keys across public sites, prompting Google and TruffleSecurity to implement mitigations and advise developers to audit and rotate keys. #Gemini #Google

Key points

  • Client-side Google API keys embedded in websites can authenticate to the Gemini (Generative Language) API.
  • TruffleSecurity found more than 2,800 live exposed keys in the November 2025 Common Crawl dataset, including keys from major firms and Google.
  • Attackers copying exposed keys can access private data through Gemini and potentially incur thousands of dollars in API charges per victim account.
  • Google classified the flaw as a single-service privilege escalation and has implemented blocks, Gemini-only key scopes, and proactive leak detection.
  • Developers should audit projects for Gemini enablement, rotate any exposed keys immediately, and use tools like TruffleHog to detect leaks.
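The audit step above starts with finding the keys you have already shipped in client-side code. The following scanner is an added example written for this summary; it is not code from BleepingComputer, Google, Truffle Security or TruffleHog. It assumes only the public shape of a Google API key (the literal prefix `AIza` followed by 35 characters from `[0-9A-Za-z_-]`, the same pattern generic secret scanners match on) and runs over a constructed in-memory set of files rather than a real project. It reports where each key appears, redacts it in the report, and flags hits in HTML/JS as client-side exposures so they go to the top of the rotation list; it never sends a key anywhere to check what it can reach.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Public shape of a Google API key: "AIza" + 35 chars of [0-9A-Za-z_-] (39 total).
# Assumption for this example: this is the pattern scanners such as TruffleHog use.
GOOGLE_API_KEY_RE = re.compile(r"AIza[0-9A-Za-z_\-]{35}")

# File types that are served to browsers; a key found here is exposed to anyone.
CLIENT_SIDE_EXTENSIONS = (".html", ".htm", ".js", ".mjs", ".css")


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    key: str            # full value, needed to locate the key in the Cloud console
    client_side: bool   # True if the file is shipped to browsers


def redact(key: str) -> str:
    """Show enough of the key to identify it in the console, never the whole value."""
    return f"{key[:8]}...{key[-4:]}"


def is_client_side(path: str) -> bool:
    return path.lower().endswith(CLIENT_SIDE_EXTENSIONS)


def scan_text(path: str, text: str) -> list[Finding]:
    """Return one Finding per key occurrence in `text`, with 1-based line numbers."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in GOOGLE_API_KEY_RE.finditer(line):
            findings.append(Finding(path, lineno, match.group(0), is_client_side(path)))
    return findings


def scan_files(files: dict[str, str]) -> list[Finding]:
    """Scan a mapping of path -> file contents (stands in for walking a checkout)."""
    findings: list[Finding] = []
    for path, text in files.items():
        findings.extend(scan_text(path, text))
    return findings


def unique_keys(findings: list[Finding]) -> list[str]:
    return sorted({f.key for f in findings})


def report(findings: list[Finding]) -> list[str]:
    """One line per distinct key; client-side exposures first since they are public."""
    lines = []
    for key in unique_keys(findings):
        hits = [f for f in findings if f.key == key]
        exposed = any(f.client_side for f in hits)
        where = ", ".join(f"{f.path}:{f.line}" for f in hits)
        action = "rotate now, it is public" if exposed else "rotate and move to server-side config"
        lines.append((0 if exposed else 1, f"{redact(key)} in {where} -> {action}"))
    return [text for _, text in sorted(lines)]


# Constructed sample files. The key values are made-up strings of the right
# shape (built here so they are exactly 39 characters), not real credentials.
KEY_A = "AIzaSyExample" + "0" * 25 + "1"
KEY_B = "AIzaSyExample" + "0" * 25 + "2"
SAMPLE_FILES = {
    "public/index.html": f'<script src="https://maps.googleapis.com/maps/api/js?key={KEY_A}"></script>',
    "public/app.js": f'const cfg = {{ mapsKey: "{KEY_A}" }};\nfetch("/api/data");',
    "server/config.py": f'GOOGLE_API_KEY = "{KEY_B}"  # server-only, but still a key to audit',
    "README.md": "Set GOOGLE_API_KEY in your environment; do not commit it. Not a key: AIzaShort123",
}


if __name__ == "__main__":
    for line in report(scan_files(SAMPLE_FILES)):
        print(line)
```

Run it on a real checkout by replacing `SAMPLE_FILES` with a walk over the built output (the files actually served, not just the source), since bundlers copy keys from config into the shipped JavaScript. The output is a rotation list, not a verdict on what each key can reach; after rotating, restrict the replacement key to the specific APIs and referrers the client needs, which is the control the article's Gemini finding shows was missing.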

Read More: https://www.bleepingcomputer.com/news/security/previously-harmless-google-api-keys-now-expose-gemini-ai-data/