Researchers have discovered that API keys embedded in Android applications are exposing Google’s Gemini endpoints to unauthorized access. The exposure allows potential attackers to bypass authentication mechanisms and utilize the AI service without proper authorization. SecurityWeek reports the findings represent a security vulnerability affecting applications that improperly handle sensitive API credentials.
Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access – SecurityWeek
Leave a Comment
Leave a Comment