A security researcher discovered a vulnerability in YouTube's AI assistant, Ask Studio, which allows an attacker to inject malicious content into the assistant's responses. The attacker can leave a comment on a creator's video with instructions for the AI, which will then output the attacker's content as if it were its own analysis. The researcher reported the issue to Google, but it was not considered a security bug. The vulnerability can be used to extract private information, such as video titles, from creators.