3月2日消息，TruffleSecurity研究人员披露了一项安全研究，指出 Google Cloud API 密钥——谷歌多年来明确告知开发者可以安全嵌入公共代码的凭证——如今可以在无提示的情况下与 Gemini API 进行身份验证，从而让任何发现这些密钥的人访问上传文件、缓存数据以及计费的 AI 资源。

「仅过了 48 小时，一笔 8.2 万美元的天价费用凭空出现，较这家小型初创公司的正常月费暴涨近 46000%。」 这不是假设的虚幻故事，而是一家墨西哥初创公司正在经历的真实危机。 近日，一位名为 RatonVaquero 的开发者在 Reddit 发帖求助称，由于他的 Gemini API 密钥被盗用，原本每月仅约 180 美元（约 1242 元）的费用，在短短 48 小时内暴涨到 82,314 ...

Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers found nearly 3,000 such ...

Google Maps now requires you to sign in to get all the perks, but it's probably worth it. Use these tips to remember parking spots, access maps offline, share your location, and more. My PCMag career ...

Google Maps is getting a new 2025 update that introduces numerous new features. The navigation app gets Gemini-powered intelligence, smarter recommendations, and new privacy control options. The ...

Tucked behind winding roads, dense woodland and watchful cameras lies a town most Americans have never seen, and many locals don't even know exists. Just ten miles from downtown Minneapolis, North ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...