Blog | LMG Security

Filter Results

Featured Blog

Google Gemini Changed the Rules: Are Your API Keys Exposed?

For years, Google told developers that certain API keys were not secrets. They were described as project identifiers—safe to embed in client-side code for Maps or Firebase, especially with referrer restrictions. Then something changed. “Google retroactively turned API keys that were meant to be public into sensitive credentials,” said Tom Pohl, Head of Penetration Testing at LMG […]

LMG Security Blog

Filter Results

Monthly Newsletter

Google Gemini Changed the Rules: Are Your API Keys Exposed?

Betrayed From Within: The Modern Insider Attack

Made in China—Hacked Everywhere? What Organizations Need to Know Now

Holiday Hackers: How AI Is Supercharging Seasonal Fraud—and What Your Organization Must Do Now

Top Control of Q4 2025: Penetration Testing

Poisoned Search: How Hackers Turn Google Results into Backdoors

The Power of Why: Making Cybersecurity Training Stick

The Cybersecurity Information Sharing Act Has Lapsed—Here’s How to Adapt & Stay Ahead of Attackers

Inside Scattered Spider Indictments: What Security Leaders Need to Know

Vibe Hacking: How AI Is Reshaping Cybercrime and What Your Organization Can Do

The Saga Continues: More Dirt on the Salesforce–Drift Breach

Connected App, Connected Risk: Lessons from the Salesforce–Drift Breach

When Hackers Get Hacked: Lessons From Underground Betrayals