A security vulnerability has been discovered where unrestricted Firebase browser keys can be used to access Gemini APIs, leading to unexpected billing spikes. One user reported a €54,000 increase in charges within 13 hours due to this issue. A script has been developed to scan Firebase projects for exposed API keys and test them against Gemini, providing a report on their status. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
RANK_REASON A script was released to detect and mitigate a specific security vulnerability related to API key exposure.