Google Cloud Leaks Gemini API Keys

A major security lapse exposed thousands of public Google Cloud API keys, some granting access to Gemini AI models. The leak, which occurred after users enabled certain APIs, leaves cloud accounts vulnerable to misuse and uncontrolled billing, according to reports.

The security firm Truffle Security uncovered the vulnerability by scanning the November 2025 Common Crawl dataset, identifying 2,863 live Google API keys affected by the issue. The exposed keys weren't limited to small projects; victims included major financial institutions, security companies, and even Google's own infrastructure.

The core of the problem was a retroactive privilege expansion. For over a decade, Google had instructed developers that API keys for services like Maps and Firebase were not secrets and were safe to embed in client-side code. When the Gemini API was enabled on a project, these same publicly exposed keys were silently and automatically granted access to sensitive AI models, without any warning or developer action.

Researchers first reported the vulnerability to Google on November 21, 2025, but the report was initially dismissed as "intended behavior." Only after Truffle Security provided examples of vulnerable keys on Google's own product websites was the issue reclassified as a bug and escalated internally on December 2, 2025. Google eventually categorized the flaw as a "Single-Service Privilege Escalation" on January 13, 2026.

The incident sparked intense discussion among developers on platforms like Hacker News, highlighting a critical developer experience failure: the inability to set hard spending caps on Google Cloud API keys. Hard caps are common on other platforms such as OpenAI, and their absence exposes developers to massive "bill shock," as evidenced by one user on Reddit who claimed a stolen API key resulted in over $82,000 in charges.

In response, Google has begun blocking known leaked keys from accessing the Gemini API. The company's roadmap includes changing the default for new keys created via AI Studio to be Gemini-only and proactively notifying developers when leaked keys are identified.
This leak serves as a crucial lesson for founders building developer tools on the dangers of insecure defaults and breaking the trust contract with developers. The default "Unrestricted" setting for new keys and the silent alteration of the security posture for existing keys created a trap that even Google's own engineers fell into, demonstrating how critical secure-by-design principles are for API development.
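A project-side audit for the two conditions the report describes (unrestricted keys that will inherit Gemini access once the API is enabled, and client-side keys explicitly allowed to call Gemini), as an added example that is not part of the original article or of any Google or Truffle Security tooling. It assumes the JSON shape of `gcloud services api-keys list --format=json` (API Keys API v2 Key resources) and uses constructed sample keys; the Gemini service name `generativelanguage.googleapis.com` is the Generative Language API.

```python
import json

# Service name behind the Gemini API (Google's Generative Language API).
GEMINI_SERVICE = "generativelanguage.googleapis.com"

# Constructed sample in the shape of `gcloud services api-keys list --format=json`
# (assumed field names from the API Keys API v2 Key resource; values are made up).
SAMPLE_KEYS_JSON = """
[
  {"name": "projects/p/locations/global/keys/k1", "displayName": "maps-web",
   "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["https://example.com/*"]},
                    "apiTargets": [{"service": "maps-backend.googleapis.com"}]}},
  {"name": "projects/p/locations/global/keys/k2", "displayName": "legacy-unrestricted",
   "restrictions": {}},
  {"name": "projects/p/locations/global/keys/k3", "displayName": "firebase-web",
   "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["https://app.example.com/*"]},
                    "apiTargets": [{"service": "firebase.googleapis.com"},
                                   {"service": "generativelanguage.googleapis.com"}]}},
  {"name": "projects/p/locations/global/keys/k4", "displayName": "gemini-server",
   "restrictions": {"serverKeyRestrictions": {"allowedIps": ["203.0.113.10"]},
                    "apiTargets": [{"service": "generativelanguage.googleapis.com"}]}}
]
"""

CLIENT_SIDE = ("browserKeyRestrictions", "androidKeyRestrictions", "iosKeyRestrictions")


def audit_keys(keys):
    """Return {displayName: finding} for keys that could reach Gemini from public code."""
    findings = {}
    for key in keys:
        restrictions = key.get("restrictions") or {}
        targets = {t.get("service") for t in restrictions.get("apiTargets") or []}
        client_side = any(k in restrictions for k in CLIENT_SIDE)
        if not targets:
            # No API restriction: the key may call every API enabled on the project,
            # so enabling Gemini later silently extends it to Gemini as well.
            findings[key["displayName"]] = "unrestricted: inherits Gemini access once the API is enabled"
        elif GEMINI_SERVICE in targets and client_side:
            # Scoped for embedding in a browser or mobile app, yet allowed to call Gemini.
            findings[key["displayName"]] = "Gemini allowed on a client-side key"
    return findings


def audit_json(text):
    return audit_keys(json.loads(text))


if __name__ == "__main__":
    for name, why in audit_json(SAMPLE_KEYS_JSON).items():
        print(f"{name}: {why}")
```

Keys flagged as unrestricted can be pinned to the APIs they actually need with `gcloud services api-keys update KEY --api-target=service=SERVICE`, which is the per-key equivalent of the Gemini-only default Google plans for new AI Studio keys.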
