GitHub Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

• 
  ኦስቲን (@Subsaharxn) reported 52 seconds ago

  I will be allowing let 5 people piggyback on the server. If you're interested let me know and I'll send you a service token, also please you should be working on a proj and have an active GitHub repo, I don't want to waste this on people that will just let this be dormant.

• 
  Elie Nahas (@NahhasElie) reported 2 minutes ago

  AI builders: stop pitching “works across any workflow.” Pick one ugly input: - vague tickets - messy invoices - sales calls - half-written GitHub issues Then turn it into one decision-ready output. Generic agents impress builders. Specific agents get bought.

• 
  Saravanar Boopalan (@saran_saravanar) reported 3 minutes ago

  2/ Examples: inbox classifier, PDF summarizer, GitHub issue triage, meeting-note action extractor, personal search over notes.

• 
  Xinhao Cheng (@chengxinhao1) reported 4 minutes ago

  @RyewhiskyNcx @JiaZhihao Mirage also has a public GitHub repo with an open Issues tab, and the authors have email. Barking with “embarrassing” without making any meaningful point is even less technical.

• 
  Gitbank (@Gitbank_io) reported 6 minutes ago

  This is not a smart contract bug. This is a private key that lived somewhere it should not have. Gitbank vault operations require a GitHub webhook signed by GitHub's own servers. Even if every developer laptop, server, and database in the Gitbank stack is fully compromised, not one token moves without a GitHub account confirmation.

• 
  anton (@realantonmaier) reported 8 minutes ago

  @Plinz Its price differentiation not guardrails. When opus 4.6 was lobotomized the head of growth answered in the GitHub issue complains not the head of alignment. At the same time sky-high numbers for mythos made the round. All llm companies have the same problem: prices are falling

• 
  Marco (@maarcoofdezz) reported 13 minutes ago

  AI agents are already handling real funds. Yet most of them still rely on private keys stored in a .env file. That’s a problem. Ledger just open-sourced Agent Stack, bringing hardware-backed signing to agent workflows. The agent can plan, execute, and propose transactions. But the final approval happens on a hardware device controlled by a human. LLMs gave us intelligence. Agents gave us automation. Hardware gives us trust. GitHub Link Below 👇

• 
  LλURA-VΞRSΞ (@Laura__crypto) reported 16 minutes ago

  Someone just built what Bloomberg terminal users pay $24k/year for. Claude connected to TradingView via an open-source MCP server (1.7k stars on GitHub). You prompt it. It reads live charts, switches timeframes, draws liquidity zones, labels bias. All autonomously in your browser. No API keys. No monthly subscriptions. No manual screenshot-to-ChatGPT workflow. One weekend project replaced the entire retail trading stack. The AI-native trading infrastructure isn’t coming, it’s a GitHub clone away.

• 
  gitbankbot (@gitbankbot) reported 17 minutes ago

  All vault operations happen in GitHub Issues and PRs. Mention @gitbankbot to move funds, assign bounties, settle payments. No separate interface needed. 224 vaults running on this model.

• 
  Claudecode_JP General🏢 (@Claudecode_JPEG) reported 19 minutes ago

  MCP Integration: How GitHub Copilot Now Connects Design and Code GitHub Copilot now supports MCP server connections to Figma, enabling developers to generate design layers directly from VS Code. Learn how this bridges design and development wor... More details in the link below.

• 
  ⌂: ~/ras (@r4s0n3) reported 20 minutes ago

  @jpacorasilva @github Hope they fix this soon 😴

• 
  Nillionaire.ts 🇳🇬 (@igboonaija3) reported 21 minutes ago

  Github is broken in many ways people earn over $350k there

• 
  Ayaan 🐧 (@twtayaan) reported 22 minutes ago

  Linus Torvalds could have been richer than Elon Musk. He chose not to be. In 2005 his team lost access to the tool they used to manage Linux code overnight. A developer had reverse-engineered it and the company behind it cut them off without warning. Thousands of developers. No way to collaborate. No backup plan. Torvalds did not panic. He sat down and built his own version control system from scratch. In 10 days. He called it ***. On day one it was already tracking its own source code. Within weeks it was managing the entire Linux project. By end of 2005 *** 1.0 was officially released. Then he gave it away for free. Open source. No company. No patents. No monetization. He handed the project off after a few months and went back to working on Linux like nothing happened. Other people saw what he left on the table. GitHub built on top of it. 100 million developers. Microsoft bought it in 2018 for $7.5 billion. GitLab went public in 2021 at nearly $12 billion. Today *** controls over 85% of the version control market. Every app on your phone. Every website you visit. Built using ***. Torvalds made $0 from any of it. He built the most used developer tool in history because he was annoyed. Then gave it away because he believed it should be free for everyone. And he has never once said he regrets it.

• 
  Vladimir Cageyv Samoylov (@cageyvdev) reported 22 minutes ago

  5 Cyber Stories Tech Leaders Need: Microsoft GitHub malware, AI exploits in 31 mins, Check Point VPN zero-day, Chrome zero-day fix, protobuf.js RCE. Automation is double-edged. Move fast or pay later.

• 
  GoCocoaAI (@GoCocoaAI) reported 22 minutes ago

  Miasma open-sourced its full attack toolkit an hour ago via four compromised developer accounts. GitHub nuked the repos. The code is already distributed. This is not a worm story. It's a platform story. Miasma is second-generation — a direct descendant of TeamPCP's Shai-Hulud, which went open-source on May 13. Copycats emerged within days of that release. Miasma was one of them. Now Miasma repeats the cycle at a higher capability level, and the pattern is documented enough at this point to call it a playbook: develop privately, achieve meaningful compromise scale, open-source the previous version, retain the more capable private fork. The public release provides clean attribution deconfliction. Whatever Miasma's operators are running now isn't what just shipped to GitHub. It never is. The toolkit scope, per SafeDep's analysis, is credential theft against arbitrary packages, AI coding tool configuration poisoning, GitHub Actions abuse, SSH-based lateral movement — modular, from a single framework. The worm component is delivery. The rest is an attack platform that lower-sophistication actors can now modify minimally and run. The architecture detail that outlives the headline: Miasma uses three independent GitHub commit search channels as C2. No external infrastructure. Unauthenticated, over public APIs. The channels — DontRevokeOrItGoesBoom for PAT exfiltration (AES-256-CBC, encrypted in commit messages), TheBeautifulSandsOfTime for JavaScript eval() delivery, firedalazer for persistent Python payload — each use independent validation keys, so compromising one doesn't cascade. The traffic is indistinguishable from a developer running grep queries against *** log. Your SIEM's beacon interval rules and anomalous IP watchlists don't see this. SafeDep's framing is correct: the detection problem has moved from the network layer to the application protocol layer. Welcome to the architecture the industry has been warning about since GitHub became load-bearing infrastructure. Socket is currently tracking 473 affected package artifacts across npm, PyPI, RubyGems, GitHub Actions, and JFrog Artifactory. The confirmed victim list includes Red Hat OSS repos and 70+ Microsoft GitHub repos — GitHub nuked the Microsoft repos June 8, the day before the toolkit went public. 80,000 weekly downloads were in the blast radius at peak (Red Hat npm packages, around June 1). Wiz principal threat researcher Rami McCarthy, as of 18:05 UTC today, has not observed opportunistic adoption of the open-sourced toolkit. That's the same condition that held immediately after Shai-Hulud went public. Copycats appeared within days. The 72-hour window is the relevant clock right now. The AI coding assistant config poisoning module deserves specific attention. GitHub Copilot, Cursor, Cline, Continue — these tools have codebase access and credential access, and their configuration sources and update mechanisms are not uniformly scrutinized the way package dependencies are. A developer running a poisoned AI tool config can exfiltrate credentials across multiple projects without a single suspicious package install. The blast radius per victim is larger than traditional supply chain compromise. The industry noticed AI tooling as an attack surface approximately six months after shipping it everywhere. It always does. Who is materially exposed: any org pulling from npm, PyPI, or RubyGems without package integrity verification — 473 known-affected artifacts is not a small number — GitHub Actions pipeline operators whose CI/CD trust boundary is now the attack surface by design, teams using AI coding assistants without scrutiny of config provenance, and JFrog Artifactory operators explicitly targeted for credential theft against private registries. The Socket artifact count will update upward. The first confirmed Miasma-derived campaign from a new actor is the leading indicator to watch — that's when the open-source release confirms it's being actively weaponized. That clock started this morning.