Experts find Google API keys are still usable, even after you delete them

For more than 20 minutes after deletion, some Google API keys can still be used, apparently creating a major security gap.
Dark Reading

Google API Keys Remain Active After Deletion

A security researcher discovered the API keys can still be used for 23 minutes after deletion, even though the cloud provider ...
Security Boulevard

The Agentic Era Just Got the Authentication Model It Needs

Workload identity federation has come to AI agents. The agentic identity era starts here. Using API Keys to access AI platforms was never going to survive the agentic era. Anthropic’s support for ...
Bleeping Computer

Over 3,200 apps leak Twitter API keys, some allowing account hijacks

Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users' Twitter accounts that are ...

Google users fight for refunds as unauthorized API usage bills soar

EXCLUSIVE Several Google Cloud customers say their API keys have been compromised and used by bad actors to run inferencing ...
Dark Reading

Pan-African Financial Apps Leak Encryption, Authentication Keys

Encryption, authentication, and signing keys are often exposed in mobile fintech apps used across Africa, according to researchers at Approov, who found passwords, application programming interface ...