Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints.