SecurityWeek

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

The Google API keys, all using the ‘AIza…’ format, can be abused for retroactive privilege escalation: a key that a developer ...

FiscalNote Expands PolicyNote API with District Matching Capability to Power Organizations' Grassroots Advocacy Efforts

FiscalNote Holdings, Inc. (OTC: NOTE), a global leader in AI-driven policy and regulatory intelligence, today announced the expansion of its PolicyNote API to include address-to-d ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private ...
Bleeping Computer

Previously harmless Google API keys now expose Gemini AI data

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Cybersecurity researchers have disclosed what they say is an active "Shai-Hulud-like" supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential ...
GitHub

Bridge any LangGraph agent to OpenAI's Responses API format with zero configuration.

langgraph-responses-gateway is a lightweight Python package that exposes any LangGraph agent or multi-agent system as an OpenAI Responses API endpoint. This enables seamless integration with modern AI ...