Truffle Security discovered that 2,863 publicly exposed Google API keys (the AIza... prefix format) can authenticate to sensitive Gemini AI endpoints. The root cause: Google uses a single API key format for two fundamentally different purposes — public identification and sensitive authentication.
When a user enables the Gemini API (Generative Language API) on a Google Cloud project, every existing API key in that project silently gains access to Gemini endpoints, including keys embedded in client-side JavaScript that Google had explicitly told developers were safe to expose.
The real-world impact is documented: one developer's company was charged $82,314 in unauthorised Gemini API usage within 48 hours after their key was compromised. Google classified the flaw as "single-service privilege escalation" and has since implemented proactive blocking of leaked keys attempting Gemini API access. Organisations should audit all Google Cloud API key scoping, especially on projects where the Generative Language API is enabled.
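As an added example (not from Truffle Security's report or Google's tooling), the following Python audit walks the JSON that `gcloud services api-keys list --format=json` returns and flags keys that can reach Gemini once the Generative Language API is enabled: keys with no API restrictions at all, and client-side (browser/Android/iOS) keys that explicitly allow `generativelanguage.googleapis.com`. The field names follow the API Keys API v2 key resource as I understand it (verify against your own output), and the key records are constructed.

```python
import json

# Service name of the Gemini (Generative Language) API as used in key restrictions.
GEMINI_SERVICE = "generativelanguage.googleapis.com"

# Restriction types that mark a key as shipped to end-user devices (public by design).
CLIENT_SIDE = ("browserKeyRestrictions", "androidKeyRestrictions", "iosKeyRestrictions")

# Constructed sample in the shape of `gcloud services api-keys list --format=json`
# (assumed API Keys API v2 layout: restrictions.apiTargets[].service, etc.).
SAMPLE_KEYS_JSON = json.dumps([
    {"name": "projects/example/locations/global/keys/maps-web",
     "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["https://example.test/*"]}}},
    {"name": "projects/example/locations/global/keys/backend",
     "restrictions": {"serverKeyRestrictions": {"allowedIps": ["203.0.113.10"]},
                      "apiTargets": [{"service": GEMINI_SERVICE}]}},
    {"name": "projects/example/locations/global/keys/web-chat",
     "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["https://example.test/*"]},
                      "apiTargets": [{"service": GEMINI_SERVICE}]}},
    {"name": "projects/example/locations/global/keys/legacy", "restrictions": {}},
])


def audit_keys(keys_json, gemini_enabled=True):
    """Return (key_name, finding) pairs for keys that could be billed for Gemini.

    With the Generative Language API enabled on the project, a key can call it if
    it has no API restrictions (apiTargets empty: it inherits every enabled API)
    or if it lists the service explicitly. Server-restricted keys that target
    Gemini on purpose are left alone; everything else that reaches it is reported.
    """
    findings = []
    if not gemini_enabled:
        return findings  # nothing to inherit until the API is turned on
    for key in json.loads(keys_json):
        restrictions = key.get("restrictions", {})
        targets = {t["service"] for t in restrictions.get("apiTargets", [])}
        client_side = any(kind in restrictions for kind in CLIENT_SIDE)
        if not targets:
            finding = "no API restrictions: inherits every enabled API, Gemini included"
            if client_side:
                finding += "; key is client-side, treat it as public"
        elif GEMINI_SERVICE in targets and client_side:
            finding = "client-side key explicitly allows Gemini"
        else:
            continue
        # Fix: scope the key with `gcloud services api-keys update KEY --api-target=service=...`
        findings.append((key["name"], finding))
    return findings


if __name__ == "__main__":
    for name, finding in audit_keys(SAMPLE_KEYS_JSON):
        print(f"{name}: {finding}")
```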