GitHub Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

• 
  OpenIrons (@OpenIrons) reported 6 minutes ago

  @leerob @followbl @OpenRouter So no GitHub copilot support, ever? Maybe an add in for Visual Studio 26? All the automation and robust features in VS make using glorified text editors (e.g. VSC) feel like going a long way back in time. Trying to even approach the same experience with extensions in VSC makes for a very unstable and brittle toolset, IME. I’ve only used Cursor a bit in the past - happy to try again, but would expect the same fundamental problem.

• 
  E__Strobel (@E__Strobel) reported 6 minutes ago

  @bradmillscan I don't understand. Did you: - run `openclaw doctor --fix` & `openclaw config validate` before trying to update? - have Codex or Claude Code run in your .openclaw to do additional health checks before updating? - have your OpenClaw explore the issues on the OpenClaw github and do a risk assessment of the new version that's tailored to your setup? I'd also recommend running `openclaw backup create --verify` so you can roll back, then pre-flight the update with `openclaw update --dry-run`. Also, update with `openclaw update --yes --no-restart` so you can check stability before restarting the gateway. Afterward, run `openclaw config validate` and `openclaw doctor` again to check the health of the updated 'Claw. Then you can restart the gateway. Seems like a lot, but it really only takes a few minutes and has made updates almost completely trouble free.

• 
  CryptoD₿S (@DbsCrypto) reported 9 minutes ago

  12k GitHub stars and $0 is a broken market. Open source has never had an adoption problem. It has a capture problem. The risk with any OSS marketplace is turning builder value into platform GMV. If the repo gets used, deployed, and supported, the builder should own the revenue line—not just the listing.

• 
  blockzilla (@BlockzillaTech) reported 9 minutes ago

  attack vector was simple: employee installed a malicious extension. once inside, they pulled internal source and org files. Github says customer repos weren’t touched (but how many have been done on the same exploit), but that’s not the real issue. the real issue is whatever secrets, keys, and tokens were sitting in those internal repos, im sure its rough day in the trenches rotating everything...

• 
  gavin leech (Non-Reasoning) (@gleech) reported 11 minutes ago

  @chrislakin @tszzl crappy: aella twitter poll crappy: Cloudflare/Github/etc uptime cool: number of JS console errors in random sample of sites and machines

• 
  Andrea Grassi (@andrea_sdl) reported 16 minutes ago

  GitHub was compromised via a poisoned VS Code extension. Now more than ever is important to build awareness about of supply chain attacks. Here are my thoughts and 5 questions that I always use. We still don’t know whether this attack happened through an upgrade or a fresh install, but it’s a strong reminder that we’re more susceptible than ever to these attacks. We trust auto-updates from so many sources, yet history has shown that those sources can later be owned by different entities or, worse, malicious actors. A trusted store, like the iOS App Store, is one solution. Not the only one, and definitely not a perfect one. We need more than that because, as AI adoption spreads, we’ll need to audit even more systems, tools, and dependencies. Here are some questions I always ask myself before installing a new extension or software: 1. Is the source trusted? Is it from an open source developer? How many users are using the software? 2. Is it new, or does it have a long history of updates and maintenance? 3. Is it from the actual company behind the product, or from an independent developer or another company? 4. Are there fake versions? If so, verify the right one and don’t trust the first result you find. Nanoclaw had this issue, where a fake version was distributed under the same name on a different domain. 5. If they’re big enough, do they have a proper security reporting flow and a way to report vulnerabilities? These questions won’t protect you from every attack, but they give you a good starting point.

• 
  VT (@VT_MGR) reported 21 minutes ago

  @xkem0x @OfficialEgator6 Would it be on github or in a discord server

• 
  magusgenji (@MagusGenji) reported 21 minutes ago

  @anshuc @github The internal repos weren't hosted on GitHub, that way they can still fix it when they go down.

• 
  Oleksandr (@kukara4) reported 23 minutes ago

  @sandislonjsak The real issue isn't GitHub specifically, it's the blast radius of shared multi-tenant architectures. GitLab or Bitbucket have the exact same failure mode. If you want real isolation, self-host (GitLab CE works great).

• 
  Muhammad Ayan (@socialwithaayan) reported 27 minutes ago

  Holy sh*t... a company that raised $32M just open sourced their entire product for free. It's called cal .diy. The Cal .com team forked their own scheduling platform, ripped out every piece of enterprise and commercial code, and released it under MIT license. 43.6K GitHub stars. And counting. Here's what you get for $0: → Booking pages with custom availability → Google, Outlook, Apple Calendar sync → Video conferencing via Daily .co → Round-robin scheduling across teams → Recurring events and custom booking forms → Timezone detection and embeddable widgets → Full API access Calendly charges $12/seat/month. SavvyCal charges $12/seat/month. Cal .com's hosted version starts at $15/month. cal .diy does the same thing for nothing. No license key. No feature gates. No user limits. No seat pricing. Self-hosted on your own server. Your scheduling data never leaves your machine. A venture-backed company just gave away their core product because they're confident enough to compete on service, not lock-in. That's the most dangerous kind of open source. 100% Open Source. MIT License. ( Link in comments )

• 
  AdiiX (@adiix_official) reported 29 minutes ago

  ONE GITHUB REPO AND $5 BILLION IN 5 YEARS. Two guys from New Zealand took open-source code and built the backend now powering Netflix, Microsoft, Coinbase, and Uber. Paul Copplestone CEO and co-founder of Supabase breaks down in 46 minutes how they actually pulled it off. save this and watch it.

• 
  Satoshi Talks (@Satoshi_Talks) reported 31 minutes ago

  🚨 BREAKING: GitHub has confirmed a breach of its internal repositories The attacker compromised an employee device through a poisoned Visual Studio Code extension. From that single endpoint, they pivoted into internal GitHub repos, dumped secrets, and walked out with what they claim is around 4,000 private repositories of source code and internal organization data. The threat actor, TeamPCP, listed everything for sale on the Breached forum yesterday with a floor of 50,000 dollars. Their stated terms are blunt. One buyer, no negotiation, and if no one pays the entire dataset gets leaked for free. GitHub says it removed the malicious extension version, isolated the device, rotated critical secrets, and activated incident response. The company maintains there is currently no evidence of impact to customer repositories, enterprises, or organizations stored outside its own internal infrastructure. The attack vector is the part worth sitting with. This was not a flaw in GitHub the platform. It was a poisoned extension in the VS Code marketplace, executed on a developer laptop, used to reach everything that laptop could reach. The same week, two popular GitHub Actions workflows (actions-cool/issues-helper and actions-cool/maintain-one-comment) were compromised through tag manipulation to exfiltrate CI/CD credentials, and a critical RCE vulnerability in GitHub itself, CVE-2026-3854, was patched after researchers showed it could be triggered with a single *** push. Three separate incidents, one consistent message. The platform is hardened. The supply chain around it is the soft target. For anyone building on GitHub right now, the immediate checklist is simple. Audit installed VS Code extensions. Pin GitHub Actions to commit SHAs rather than tags. Rotate any tokens, deploy keys, or secrets that could have touched a compromised environment in the last two weeks.

• 
  AMLBot (@AMLBotHQ) reported 32 minutes ago

  Another reminder that everything that you store in cloud you are storing on somebody's else server or PC. GitHub has suffered from an attack -- comprimised employee device was used to access private repos, with some sources reporting more than 3800 repos affected. Delete your API keys and other sensitive data, and stay safe!

• 
  ken (@aquariusacquah) reported 35 minutes ago

  sneaky github trying to fix declining open source usage by making their biggest private repos public

• 
  Lina 🦅 (@XNXX_EN) reported 36 minutes ago

  @LordOfAlts @github microsoft really needs to lock this down fr