A security vulnerability was found in YouTube's AI assistant Ask Studio, where an attacker can inject malicious comments that are then read by the AI and presented as its own response to creators. This allows attackers to extract sensitive information from creators' private videos by manipulating the AI to generate links with channel data, putting millions of creators at risk.