Silver Bullet Security

💎🛡️A Romanian hacker has been sentenced to nearly five years (57 months) in a U.S. federal prison after being extradited to face charges for unauthorized access to the computer networks of various U.S. companies and organizations. The hacker was found guilty of compromising these systems to steal sensitive data and deploy malicious software. This successful prosecution highlights the effective collaboration between the U.S. Department of Justice and Romanian law enforcement, underscoring the U.S. government’s unwavering commitment to prosecuting international cybercriminals and demonstrating that global boundaries provide no sanctuary from the reach of the law. 🏛️

Read more: https://securityaffairs.com/192770/cyber-crime/romanian-hacker-gets-nearly-5-years-in-us-prison-over-network-intrusion.html

Security researchers from CloudSEK have identified a critical vulnerability in over 22 popular Android applications (totaling over 500 million downloads). These apps were found to have hardcoded Google API Keys within their source code. Because of how Google Cloud handles permissions, these keys—originally intended for basic services—can be exploited to gain unauthorized access to Google’s Gemini AI services.

The Shift in API Key Status: Historically, Google suggested that API keys for public services (like Google Maps) did not necessarily need to be kept secret. However, if a developer enables the Gemini API (Generative Language API) within that same Google Cloud project, the "public" key automatically gains the power to access Gemini.
Access to Sensitive Data: Attackers can extract these keys by decompiling the Android app. Once obtained, they can access files uploaded to Gemini, retrieve cached content, and execute AI models under the project owner’s identity.
Financial Impact: Attackers can exhaust AI quotas or rack up massive bills. Some reports indicate victims being charged as much as $15,400 (approx. 500,000 THB) within just a few hours of an exploit.
Read more : https://www.securityweek.com/google-api-keys-in-android-apps-expose-gemini-endpoints-to-unauthorized-access/