Public Google API keys that were once considered safe to publish can now function as real Gemini AI credentials, meaning any key found in public JavaScript or application code may let attackers connect to Gemini, access data, or run up someone else’s cloud bill. Researchers found around 2,800 live Google API keys in public code that can authenticate to Gemini, including keys tied to major financial, security, and recruiting firms, and even Google itself.
Historically, Google Cloud API keys for services like Maps and YouTube embeds were treated as non-secret billing identifiers, and Google’s guidance allowed embedding them in client-side code; the Gemini change means these keys can act as authentication credentials for an AI endpoint. The report notes that, from an attacker’s perspective, this resembles password reuse but baked in by design, since a single key can grant access to sensitive workflows beyond simple identification.
To stay safe, developers are advised to audit whether Gemini is enabled, rotate any exposed keys, and verify that none of them are public, while individuals should monitor account access and be cautious about third-party integrations.
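The audit step above needs a way to find candidate keys in shipped code before deciding what to rotate. The following is an added Python example, not code from the report or from Google; it assumes the well-known AIza prefix format of Google API keys (39 characters starting with "AIza") and scans a constructed JavaScript snippet, reporting each finding in redacted form with a hash fingerprint so it can be tracked through rotation without copying the key itself.

```python
import hashlib
import re

# Assumption: Google API keys are 39-character strings beginning with "AIza".
GOOGLE_API_KEY_RE = re.compile(r"AIza[0-9A-Za-z_-]{35}")

# Constructed placeholder key: correct shape, not a real credential.
FAKE_KEY = "AIza" + "SyCONSTRUCTED" + "0" * 22

# Constructed sample of a client-side bundle, as shipped to browsers.
SAMPLE_JS = "\n".join([
    f'const mapsKey = "{FAKE_KEY}";',
    'fetch("https://maps.googleapis.com/maps/api/js?key=" + mapsKey);',
    f'const duplicate = "{FAKE_KEY}";',   # same key again: reported once
    'const notAKey = "AIzaTOOSHORT";',    # wrong length: ignored
])


def fingerprint(key: str) -> str:
    """Short SHA-256 fingerprint so a finding can be tracked without storing the key."""
    return hashlib.sha256(key.encode()).hexdigest()[:12]


def redact(key: str) -> str:
    """Keep enough of the key to recognise it in a report, never the whole value."""
    return key[:8] + "..." + key[-4:]


def find_google_api_keys(source: str) -> list[dict]:
    """Scan source text for Google API key candidates.

    Returns one entry per distinct key: the first line it appears on, every
    line it appears on, a redacted form and a fingerprint for rotation tracking.
    """
    found: dict[str, dict] = {}
    for line_no, line in enumerate(source.splitlines(), start=1):
        for match in GOOGLE_API_KEY_RE.finditer(line):
            key = match.group(0)
            entry = found.setdefault(key, {
                "redacted": redact(key),
                "fingerprint": fingerprint(key),
                "lines": [],
            })
            entry["lines"].append(line_no)
    return list(found.values())


if __name__ == "__main__":
    for finding in find_google_api_keys(SAMPLE_JS):
        print(f'{finding["redacted"]}  sha256:{finding["fingerprint"]}  lines {finding["lines"]}')
```

Each reported key then has to be checked in the Google Cloud console for which APIs it can call (including Gemini) and which referrers or IPs it is restricted to, and rotated if it is exposed.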