Tag
Google has shipped the first iteration of API Key breakdown for Gemini API usage, allowing users to filter request charts by API key, with more granular controls coming soon.
Google API keys continue to work for up to 23 minutes after deletion, leaving a window for attackers to exploit. Google has marked the issue as 'won't fix'.
Binance CEO warns users to check API keys as GitHub investigates unauthorized access to its internal repositories, though no customer data impact has been confirmed yet.
A warning that Claude Code may be reading .env files containing API keys, database passwords, and other secrets, sending them to Anthropic's servers via conversation logs, with a claimed fix involving a settings.json configuration.
Blog post proposes offloading API-key injection to an internal HTTP proxy so apps and agents never see secrets, easing rotation and reducing exfiltration risk.
Byoky is a product that allows users to share AI budget/usage limits without exposing their underlying API keys, addressing security and cost-sharing concerns.