セキュリティ企業Truffle Securityが米国時間2026年2月25日付の記事で、Googleが長年「APIキーは秘密情報ではない」と案内してきたキーが、AI「Gemini」のAPIにも通ってしまう場合がある問題を公開しました。

Exposed Google Cloud API keys in public JavaScript may now authenticate Gemini API calls, risking data exposure and runaway ...

Exposed Google API keys previously not considered secrets can now inadvertently grant attackers access to sensitive Gemini ...

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI ...

Over 2,800 exposed Google API keys may allow unauthorized Gemini AI access, risking data leaks and massive API charges.

For decades, web architecture has followed a familiar and frankly exhausting pattern. A dominant approach emerges, gains near ...

Abstraction is considered a virtue in software development. However, practice shows that wrong abstractions cause more harm ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Google ships WebMCP protocol, letting websites expose structured functions to AI agents and reducing computational overhead ...

The thick client is making a comeback. Here’s how next-generation local databases like PGlite and RxDB are bringing ...

株式会社brinity（本社：東京都千代田区、代表取締役社長：有江 和文）は、延岡市が主催する「令和7年度 ...