Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense.

Choosing the right API is a critical decision for any crypto project, whether you’re building a portfolio tracker, a DeFi ...

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...

A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours. "I am in a state of ...

Just as researchers are ringing the alarm bells about thousands of exposed Google API keys, one small dev team is facing the worst-case scenario – an $82,000 bill. A team of three developers in Mexico ...

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private ...

Google Cloud API keys, normally used as simple billing identifiers for APIs such as Maps or YouTube, could be scraped from websites to give access to private Gemini AI project data, researchers from ...

Google Cloud API keys have long appeared in public JavaScript to power Maps, YouTube embeds, analytics and Firebase features. Historically, many teams treated those strings as “ok to expose,” mainly ...

Google is facing renewed security scrutiny after researchers revealed that publicly exposed API keys can be abused to access Gemini AI services. The issue centers on Google API keys embedded in client ...