A configuration change at Google has turned previously harmless API keys into a critical data exposure risk for Gemini AI users. Juniper Networks discloses a full router takeover vulnerability in PTX routers. European DIY retailer ManoMano suffers 38 million customer breach. Plus: Trend Micro critical RCE patches, ransomware payments hit record lows, and typosquatted NuGet packages targeting the financial sector.
Google API keys for services like Google Maps that were previously considered low-risk when embedded in client-side code can now be used to authenticate to the Gemini AI assistant and access private user data. This is a breaking change in Google's API authentication model that affects thousands of web applications.
For years, developers have embedded Google Maps API keys in publicly accessible JavaScript code without major security concerns — Maps API keys were scoped to specific services and posed minimal risk even when exposed.
Google's recent integration of Gemini AI capabilities has changed the threat model. The same API keys can now be used to query Gemini and potentially access:
This represents a massive privilege escalation for exposed API keys. What was once a cosmetic issue (someone using your Maps quota) is now a data breach waiting to happen.
Juniper Networks has disclosed a critical vulnerability in Junos OS Evolved running on PTX Series routers that allows an unauthenticated attacker to execute code remotely with root privileges.
The flaw allows attackers to gain complete control of PTX routers, potentially enabling network interception, traffic manipulation, and lateral movement into connected infrastructure.
PTX Series routers are high-performance core routers used by telecommunications providers, ISPs, and large enterprises. A compromised PTX router can:
This is a nation-state-grade vulnerability if exploited in telecom environments.
European DIY and home improvement retailer ManoMano is notifying customers of a data breach affecting 38 million users across Europe. The breach was caused by attackers compromising a third-party service provider.
NIS2 Implication: ManoMano operates across the EU and likely falls under NIS2 scope as a major e-commerce platform. This breach will test the new incident reporting requirements — companies must report significant incidents within 24 hours under NIS2.
This breach underscores the supply chain attack surface that NIS2 specifically targets. Organizations are responsible for their vendors' security posture, and third-party compromises now carry regulatory consequences.
Trend Micro has patched two critical vulnerabilities in Apex One enterprise endpoint security software that allow attackers to gain remote code execution on vulnerable Windows systems.
Apex One is an endpoint protection platform — the software meant to prevent RCE attacks is itself vulnerable to RCE. Attackers targeting Apex One deployments can:
If your security stack is the weakest link, you have a serious architecture problem.
Trend Micro releases are available. This should be P0 patching priority — your endpoint protection layer is critical infrastructure.
Despite a surge in ransomware attacks, the percentage of victims paying ransom has dropped to 28% in 2025 — an all-time low according to multiple threat intelligence reports.
Ransomware groups are adapting. We're seeing:
The decline in payments is good news for defenders, but it's driving threat actors to evolve their tactics.
Researchers discovered a malicious NuGet package named StripeApi.Net impersonating Stripe's official Stripe.net library (which has over 75 million downloads).
StripePayments on February 16, 2026The package has since been removed, but affected applications may have leaked payment processing credentials.
Stripe API keys allow attackers to:
Developer teams: Audit your packages.config and .csproj files for StripeApi.Net. If found, rotate all Stripe API keys immediately.
French professional football club Olympique de Marseille has confirmed a cyberattack after threat actors claimed on Monday to have breached the club's systems earlier this month and leaked internal data.
Sports organizations are increasingly targeted for:
✅ API Key Exposure Detection — Scan repos and codebases for hardcoded credentials
✅ Supply Chain Monitoring — Track malicious packages across NuGet, npm, PyPI, and Maven
✅ Critical CVE Alerting — Get notified when vendors like Juniper or Trend Micro release emergency patches
✅ NIS2 Compliance — German-language incident reports and automated vulnerability documentation
332,000+ CVEs indexed. AI-generated patches. GitHub PR automation.
Start Free TrialStay secure. Stay vigilant.
🗡️ KENSAI Security Team