CSO Online

‘Silent’ Google API key change exposed Gemini AI data

API key exploitation is more than hypothetical. In a different context, a student who reportedly exposed a GCP API key on GitHub last June was left nursing a $55,444 bill (later waived by Google) ...

Google Workspace CLI brings Gmail, Docs, Sheets and more into a common interface for AI agents

For agents, the value is clearer still: structured JSON output, reusable commands and built-in skills that let models interact with Workspace data and actions without a custom integration layer.
CSO Online

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

Google to disable Customer Match uploads in Ads API

From April 1, 2026, Google will block inactive developer tokens from uploading Customer Match data via the Google Ads API.

A stolen Gemini API key turned a $180 bill into $82,000 in two days

One of the affected developers shared the incident on Reddit. According to the post, the Google Cloud API key was compromised between February 11 and February ...

Google Ads API enforces daily minimum budget for Demand Gen campaigns

Starting April 1, Google will require a $5 daily minimum budget for Demand Gen campaigns in the Google Ads API.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.