How a Google API Key Became an $8,000 AI Bill, Meta Scam Ads Lawsuit, and 73-Second Cyber Attacks
Cybersecurity Today15 Mai

How a Google API Key Became an $8,000 AI Bill, Meta Scam Ads Lawsuit, and 73-Second Cyber Attacks

Google Cloud customers are reporting shocking surprise bills after compromised or misused API keys were allegedly used to access expensive Gemini AI services. In one case, Rod Dinan says his monthly Google Cloud costs jumped from under $50 to nearly $8,000. Sydney developer Isuru Fonseka says he was hit despite setting spending controls, raising broader questions about API key security, client-side exposure, billing alerts, and how quickly attackers can exploit AI infrastructure.

Cybersecurity Today also covers prosecutors' allegations that two fired brothers sabotaged systems tied to government-related work after access wasn't revoked quickly enough, Santa Clara County's civil lawsuit accusing Meta of profiting from scam ads on Facebook and Instagram, and Horizon3.ai's warning that attackers can exploit newly exposed systems in as little as 73 seconds while many organisations still take 24 hours or longer to respond.

If your organisation uses APIs, AI services, cloud billing controls, or internet-facing infrastructure, this episode matters.

#Cybersecurity #GoogleCloud #GeminiAI #APIKeys #CloudSecurity #Meta #ScamAds #CyberAttack #CybersecurityToday #AIsecurity

CHAPTERS

00:00 Google Cloud API Key Bill Shock
01:20 Real-World Victims: Surprise AI Charges
02:24 Why Spending Caps Didn't Stop the Damage
03:38 The Enterprise Cloud Security Risk
04:19 Fired Employees and Alleged Insider Sabotage
04:55 The Database Destruction Timeline
06:34 What This Incident Teaches Security Teams
07:10 Santa Clara County Sues Meta Over Scam Ads
08:46 Attackers Can Strike in 73 Seconds
10:14 Closing and Next Episode

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(100)

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Cybersecurity & Arctic Sovereignty: Protecting Canada's Most Vulnerable Infrastructure Cheryl Biswas

Host David Shipley speaks with cybersecurity professional Cheryl Biswas about her journey into the industry and why she believes Arctic sovereignty must be viewed as a cybersecurity challenge as much ...

29 Mai 29min

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA Orders Emergency Drupal Patch | Microsoft Server Bug | Google Fights Canada Surveillance Bill

CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, afte...

27 Mai 10min

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

AI Vulnerability Explosion, Kim Wolf Botnet Arrest, Ghost CMS Hack, Iran Cyber Espionage

Is AI about to trigger a cybersecurity vulnerability explosion? In this episode of Cybersecurity Today, David Shipley examines what some researchers are calling the early signs of a "vulnerability apo...

25 Mai 13min

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled "CISA-Private" contai...

23 Mai 26min

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub Breach Exposes 3,800 Repos | Microsoft Kills SMS Authentication | Proton Fights Canada Bill

GitHub confirms a major supply chain breach after a malicious Visual Studio Code extension reportedly gave attackers linked to TeamPCP access to roughly 3,800 internal repositories. The bigger issue: ...

22 Mai 9min

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

Windows 11 BitLocker Zero-Day, TeamPCP Malware Leak, Iran Gas Station Hacks | Cybersecurity Today

A serious new Windows 11 BitLocker vulnerability, open-sourced offensive malware tools, a suspected Iranian cyber campaign targeting U.S. fuel infrastructure, and malware that appears designed to inte...

20 Mai 13min

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

Exchange Zero-Day Under Attack, Ransomware Gets Smarter, Fortinet Critical Flaws

A dangerous new Microsoft Exchange zero-day is being actively exploited, ransomware gangs are adopting nation-state-style tactics, two fired contractors were caught deleting U.S. government databases ...

19 Mai 12min

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

Inside CIRA: How Canada's .ca Registry Became a Global DNS & Cybersecurity Force

David Shipley interviews Jon Ferguson, VP at CIRA, about how the Canadian Internet Registration Authority evolved from early paper-based .ca registrations at UBC into a 142-person, member-based not-fo...

16 Mai 53min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
popradet
forklart
stopp-verden
fotballpodden-2
rss-espen-lee-usensurert
nokon-ma-ga
rss-gukild-johaug
hanna-de-heldige
dine-penger-pengeradet
det-store-bildet
rss-ness
aftenbla-bla
e24-podden
lydartikler-fra-aftenposten
rss-dannet-uten-piano
bt-dokumentar-2
rss-penger-polser-og-politikk