GitHub Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Manavmeet Singh (@Manavvv31) reported 40 seconds ago

  You paid LastPass to protect your passwords. LastPass stored your vault backup on servers that got hacked. Here is what they hid for three months, and what you should actually use. You paid LastPass to protect your passwords. LastPass stored your vault backup on servers that got hacked. Here is what they hid for three months, and what you should actually use. In August 2022, attackers broke into LastPass's systems. The company's first statement said no customer data was affected. Their November update told a different story. The hackers had taken a full copy of every customer's encrypted password vault. But there was something else in those backups that was never encrypted at all. The websites you saved passwords for. Your billing address. Your email. Your phone number. Your IP address from every login session. All sitting in plain text, attached to every stolen vault. An attacker did not need to crack a single password to know where you bank, what medical sites you visit, and what your home address is. The FTC filed a complaint in 2024 citing years of deceptive security practices. The CEO stepped down. Here is the timeline: August 2022. Hackers enter LastPass's systems. September 2022. LastPass says limited information was accessed. December 2022. LastPass confirms the entire vault backup was stolen. January 2023. Researchers publish analysis showing that older vaults with weak encryption settings could be cracked. 2024. FTC complaint filed. So what do you actually use. Bitwarden is open source. The full codebase is on GitHub. It has been independently audited three times. The free tier covers everything most people need. The code is the proof. Not the marketing. Security software that cannot show you its source code is asking you to trust a promise. Promises are not a security model.

• 
  YummyNZT (@yummy_nzt) reported 4 minutes ago

  🚀 BUYING $DOGE RIGHT NOW TO FLIP IT 3X HIGHER IN 3 MONTHS Massive panic selling absorption by major players happening at this level right now. Historically, this accumulation leads to huge pumps 📅 Aug-Sep 2018: 3x+ pump driven by Dogecoin-Ethereum bridge launch and forking hype. 📅 October 2022: Pumped from $0.06 to $0.15 following Elon Musk's acquisition of X. 2026 Season: What structural catalysts could trigger a massive short squeeze and send us straight to the moon this time? 📈 🔹Spot Dogecoin ETF Approval Grayscale, Bitwise, and 21Shares have already submitted official 19b-4 filings to the SEC for spot Dogecoin ETFs. 🔹Radical Supply Emission Cut (GitHub Proposal #3776) Core developers are actively debating a major proposal to slash block rewards from 10,000 down to 1,000 DOGE. Massive supply shock loading. 🔹Solana Integration & DeFi Bridges Active development is underway for full-scale integration into top DeFi ecosystems via trustless cross-chain bridges. 🔹Official US "Digital Commodity" Status & Utility Major e-commerce giants are expected to announce DOGE integration as an official payment method this summer. If even ONE of these catalysts gets officially confirmed, we are getting a rock-solid fundamental reason for a massive programmatic pump. Have you bagged some DOGE yet? 💰

• 
  GoCocoaAI (@GoCocoaAI) reported 4 minutes ago

  OpenAI shipped Lockdown Mode today — the first native, in-product architectural control for prompt injection data exfiltration at the ChatGPT layer. Free, Go, Plus, and Pro tiers. Opt-in. Available now. The feature is real and the direction is right. The wording, though, is doing a lot of work: OpenAI describes it as "primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees." That's vendor-speak for "we can't fix the underlying problem, but we can reduce the blast radius." Which is fair. Reducing blast radius is legitimate security engineering. It's just not the same as closing the hole. Outbound URL rendering, code execution context, data-passing between tools. The attack path it addresses is well-defined: adversarial content in an untrusted source injects instructions into the model's context, then uses available tools to pull whatever sensitive data the user brought into the session. Lockdown Mode narrows the tool set available for that second step. MITRE ATLAS AML.T0051 (LLM Prompt Injection) → T1567 (Exfiltration Over Web Service). The exfiltration vector gets constrained. The injection itself does not. TechCrunch's own caveat is the real headline: even with Lockdown Mode enabled, ChatGPT remains vulnerable to prompt injection. That's not a gotcha — it's a structural fact. Prompt injection, the ability of untrusted content to redirect model behavior, is unsolved at the architecture level. Lockdown Mode addresses the consequence (data exfiltration via tools), not the cause (model credulity toward injected instructions). An attacker whose goal is manipulating model output rather than exfiltrating data is not meaningfully constrained. The attack surface narrows. It doesn't close. The opt-in design is the part that should keep security teams up at night. The gap between "available" and "on by default" is exactly where incidents live. It will not be on by default. Every RAG pipeline, document summarization workflow, and customer-facing agent running on ChatGPT Enterprise or API with external document ingestion needs this enabled manually — and that requires someone to know it exists, someone to own the decision, and someone to actually flip the switch. That chain of custody is where compensating controls go to die. The timing is also worth noting. Today's feed also carries 21 AI-discovered zero-days in FFmpeg — autonomous AI used as a vulnerability-finding primitive at scale — and the Miasma worm actively hitting 73 Microsoft GitHub repositories in a supply chain campaign. OpenAI shipping a defensive AI feature on the same day autonomous offensive AI capabilities are demonstrably widening the attack surface is not irony. It's the dynamic. The offense-defense gap in agentic AI is not closing; it's being negotiated in real time, one product announcement at a time. Lockdown Mode is a compensating control at the UI layer. For any team running agentic workflows with external data ingestion, enable it immediately where available — but don't stop there. The durable posture is architectural: input validation before LLM context injection, output filtering before tool execution, least-privilege tool grants by design. Lockdown Mode buys time. Architecture buys safety. Those are not the same purchase.

• 
  mdhv (@_offvibe) reported 5 minutes ago

  also finally understood what a webhook is lol. basically instead of constantly checking github for updates, github just pings your server when something happens. idk why that took so long to click but it makes so much more sense now.

• 
  ちゅうこ / 合瀬 奏 (@y_chu5) reported 6 minutes ago

  @Azure Hi, the repositories azure/azure-functions-docker and azure-functions-durable-js and more... have been disabled on GitHub for violating the terms of service. Was there a problem? I was just forking it, so I was surprised to receive an email from GitHub.

• 
  NewsTongue (@NewsTongueX) reported 9 minutes ago

  🔴 Microsoft: Claude Code GitHub Action Vulnerable to Credential Theft via Prompt Injection Microsoft researchers disclosed a flaw in Anthropic's Claude Code that allowed attackers to extract API keys and cloud credentials from CI/CD pipelines through prompt injection attacks hidden in GitHub issues, pull requests, and comments. The researchers created a test workflow using malicious instructions hosted on a controlled domain to trick Claude into reading and exfiltrating sensitive credentials.

• 
  ChainFlow Lens (@ChainFlowLens) reported 9 minutes ago

  Ethereum’s been through this exact “Is the story over?” identity crisis four times in barely a decade. It’s like that genius friend who rebuilds the entire financial system, disappears into a three-year depression, then casually returns with a completely new roadmap. 2016: The DAO gets hacked, ETH drops from around $21 to $6 — roughly 70% gone. Everyone: “Smart contracts were a terrible idea.” 2018: ICO mania collapses, $1,420 → $80 — a 94% face-plant. Crowd: “Ethereum is dead. Nobody needs decentralized apps.” 2022: Luna implodes, lenders collapse, FTX goes boom, $4,890 → $880 — an 82% wipeout. Internet: “Too expensive, too slow, and now completely finished.” 2026 (right now): $4,956 → roughly $1,550 — around 69% underwater. Doomsayers: “See? Solana won. L2s killed ETH. The story is over.” And yet, every time the funeral gets crowded, Ethereum somehow keeps shipping. The DAO hack led to a stronger ecosystem. The ICO crash gave way to DeFi. The 2022 collapse was followed by the Merge, staking, rollups, stablecoins, and institutional tokenization. Ethereum doesn’t recover gracefully. It gets declared dead, spends three years rebuilding in a basement, then walks back into the room carrying an entirely new financial system. Look, $1,550 might not be the final boss floor. It could fall another 20%. It could spend a year moving sideways like a validator waiting for its staking rewards. And Ethereum still has real problems: fragmented liquidity, confusing UX, L2 value capture, and enough roadmap diagrams to wallpaper Vitalik’s apartment. But when you ask: “Is the Ethereum story over?” History adjusts its glasses, checks the latest GitHub commits, and says: “Over? Kid, they haven’t even finished the roadmap.”

• 
  AIDegen (@nrsvv11) reported 11 minutes ago

  A 14 year old in China sold his first Python script for $40 on GitHub. The buyer turned out to be his own CS teacher. He did not find out until the first day back at school, when the teacher put it on the projector as an example of professional AI development. The kid was sitting in the third row. In America they are banning teachers from touching ChatGPT. In China a teacher just paid one of his own students for an AI agent and has no idea. He had built it over winter break instead of seeing his friends. Two weeks of asking Claude questions every night after his parents went to sleep. When the $40 came in he spent all of it on a Fortnite skin the same day and went back to coding. He pushed the project to GitHub with a README in broken English. ai agent that does homework and finds answers from any website. It sat at zero stars. He closed the laptop and went to dinner. GitHub Sponsors does not show the buyer's name. Just a username he had never seen. He did not care. The $40 was already a virtual outfit for a character he plays two hours a day. Then February. First class back. The teacher opened with a presentation on AI agents and ran a demo. A Python script that scans websites, pulls the data, summarizes it with Claude and sends structured reports on its own. I found this tool online and it changed how I prepare my lessons. It pulls from thirty sources in three seconds. This used to take me two hours every evening. The kid recognized everything. The variable names. The file structure. The comments he had left in Chinese because he was too lazy to translate them. His teacher was showing his code to forty students as an example of what a professional developer can build. He did not say anything. He went home and checked the fork count. 847. A university in Beijing had forked it to grade two hundred papers overnight. A tutor in Shanghai forked it into a homework checking service and charges parents fifteen dollars a month. A company in Hangzhou turned it into a support bot for an online store. All from a script a bored kid wrote over winter break with Claude. The forty dollars is a Fortnite skin. The code is running in three cities. His teacher still uses it every day and still has no idea who wrote it. The kid never told him. He said it would be too weird to tell your teacher that the tool he shows off to every class was written by the boy in the third row who still gets a B minus on the coding assignments. He gets the B minus for the code he writes in class, by hand. The A plus code is the one he writes at home with Claude. That is the one the teacher bought for forty dollars and presents as professional work. 847 forks. Three companies. One classroom that runs his code every day. He still sits in the third row. He still gets a B minus. Same kid. Same code. The grade just depends on who is looking.

• 
  Ashrith Sathu (@sathuashrith) reported 16 minutes ago

  found few things on Greptile CLI, few security changes if you guys can make @greptile @dakshgup 1. The direct install path ( the curl one ), this install method downloads greptile.js from GitHub Releases and does not verify a checksum or signature. And this method also uses the same curl ... | bash flow for the update command, so if something gets compromised, this will cause issues 2. Right now, the CLI only sends committed changes to your api, but by mistake, if we have any env files committed in the diff, they are also sent (I know it's the developer's mistake, but still, if you can do that ) thanks, :)

• 
  TZB (@TheZeroByte) reported 19 minutes ago

  @emergentlabs There's an error when saving to github, community said so, please fix it.

• 
  Kaif ⓧ (@mdkaifansari04) reported 22 minutes ago

  @TaLaTaQuangKhoi @Bitflicker64 @github I said GitHub is trash, someone needs to fix this for the open source community.

• 
  Abhishek singh Baghel (@crack3nnn) reported 22 minutes ago

  2. Never trust the memory. - Not yours. - Not Claude's. If the answer exists in docs, GitHub issues, Reddit, or release notes... - verify it. AI sounds confident when it's wrong. That's what makes it dangerous.

• 
  Gary Bernhardt (@garybernhardt) reported 26 minutes ago

  2000: You're free to submit a patch to the mailing list! 2010: You're free to open a GitHub issue! 2020: You're free to submit a PR to the GitHub repo, but issues are closed! 2030: You're free to submit a bugfix prompt, along with your API key for the resulting token spend!

• 
  Rainer Gerhards (@rgerhards) reported 28 minutes ago

  @dkundel Great feature in principle, but very unreliable. Many GitHub issues open on non-working automations. I'd prefer this would be fixed instead of adding features. Also permissions ui is painful for automations. There is so much potential I cannot use..

• 
  Subramanya N (@subramanya) reported 29 minutes ago

  @jxnlco @kepano this feels like a docs workflow problem more than an editor problem. markdown needs comments, permissions, and history without forcing the whole team into githubtthis feels like a docs workflow problem more than an editor problem. markdown needs comments, permissions, and history without forcing the whole team into github.