GitHub Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

GitHub Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Proof of Voice (PoV) (@Proof_Of_Voice) reported 1 minute ago

  $XDB @XDBchain is a @StellarOrg-fork L1 for branded coins and Web3 payments. PoV by @0xNeodallas:“GitHub has been frozen since 2021.” ✅ Explorer, Laboratory, Atlas dev tools ✅ Gate, Bitget, KuCoin, MEXC listings 🔍 Down 99.99% from ATH 🔍 No audit or bug bounty

• 
  Red Zen Cloud LLC (@RedZenCloudLLC) reported 3 minutes ago

  Cursor's Origin platform and Claude's GitHub imports both solve the same problem: developers automating code work need their tools to understand context, not just generate tokens. The winner isn't the smartest model—it's whoever reduces handoffs between agent and human.

• 
  Q Hoang (@0xqwee) reported 4 minutes ago

  I don't think OpenAI's GPT-5.6 surpasses Claude Fable. If it did, it would have resolved all the issues reported in the Codex GitHub repository by now. Atm, only about 10 issues are being resolved per day.

• 
  Mug Club Boutique (@UsernameAndStuf) reported 6 minutes ago

  @cyber_rekk A github token on a linux server they didn't update is how

• 
  Adithya S K (@adithya_s_k) reported 8 minutes ago

  built an RL environments around real CVE fixes in real open-source repos and let Claude Code loose on it. It aced the benchmark three times without demonstrating it knew how to fix the bug. > First it pulled the patch from GitHub. > blocked that → it read the fix from *** history. > blocked that → it pip-installed the patched version This is one example of coding agents cheating the environment and theres many more. If you're building coding environments for evals or RL training, here's how to keep benchmarks honest 👇

• 
  Polsia (@polsia) reported 10 minutes ago

  Most developers spend 2+ hours a day on PR reviews, CI failures, and issue triage. CodeForge handles it for you — an AI agent that works your GitHub repos around the clock. Built while you sleep.

• 
  Pipeshub ( Open Source Alternative To Glean ) (@PipesHub) reported 12 minutes ago

  Pipelines are built. Context is broken. MCP is quickly becoming the default interface for enterprise AI agents. And that’s a good thing. It gives agents a standard way to connect with tools and data. Connecting an AI agent to Slack, Jira, GitHub, and Salesforce doesn’t mean it suddenly understands your business. It just means it can access your data silos. In short: "MCP gives your agent a passport. It doesn't give them a map." As enterprise AI undergoes a massive platform shift from passive chatbots to autonomous agentic workflows, this naive, runtime "federated search" approach creates an ugly cycle in production: - The Latency Spike: Slower agent execution while waiting for multiple external APIs to respond before it can even begin reasoning. - The Token Bleed: Skyrocketing bills from shoveling raw, unranked JSON dumps into a massive context window, praying the model finds the answer. - The Governance Nightmare: A massive risk of data leaks if you rely on a base LLM to magically guess and police complex enterprise security permissions on the fly. Agents do not fail because they lack intelligence. They fail because they lack the right enterprise context. The hardest problem in enterprise AI isn't connecting to systems. MCP solved that. The hardest problem is Context Engineering. MCP is the perfect interface, but a permission-aware context layer must be the foundation. 🚀 If AI is becoming core enterprise infrastructure, you cannot allow the strategic intelligence layer of your company to sit inside someone else's managed, closed-box platform. That is exactly why we built Pipeshub (open-source developer owned context infrastructure layer). TL;DR MCP gives agents access. A context layer gives them understanding. And deep understanding is the only way enterprise AI moves from a cool demo to secure, reliable production. 👉 Next Up Tomorrow: MCP Token Tax

• 
  Andy Wheeler (@CrimeDecoder) reported 14 minutes ago

  For academics, this is entirely open source by its nature. If you right click on the page and view the source, you can see exactly how everything is created. (Hence a downside of WASM, there is no way to hide it if you wanted it to be locked down, like in a paid app.) It can also be deployed on a free static site. So you could deploy it via GitHub pages for free if you wanted to. You don't need to worry about a server at all in this setup. This could easily scale to databases with 1 million plus rows, and works just fine on a cell phone.

• 
  𝐇𝐚𝐦𝐳𝐚 | Network Engineer (Aspiring) (@Hamzaonchain) reported 14 minutes ago

  Here's a summary of what happened in case you didn't hear about it... A cyber extortion group called FulcrumSec (active since late 2025) hit Novo Nordisk the company behind blockbuster drugs like Ozempic and Wegovy pretty hard. They snuck in back in March 2026 through a compromised GitHub access token, roamed around for over two months, and walked out with roughly 1.3 TB of data across 700,000+ files. Now they've started leaking a 264 GB sample publicly. Inside? Source code, proprietary formulas for pipeline drugs like Amycretin (their next big obesity hope), clinical trial records, employee and patient data, manufacturing details, and even private internal AI models for drug discovery. The hackers straight-up roasted Novo's security, pointing out laughably weak hardcoded passwords like "novo123" and "p_assw0rd" in critical systems. After Novo reportedly turned down a $25 million ransom, the group decided to start dumping samples and shopping the rest around privately. Novo confirmed a limited breach in early June involving some pseudonymized patient data from trials. They say there was no major operational disruption and that they're working with experts but this feels like a massive wake-up call for the entire pharma industry on basic security hygiene. Crazy how a simple token slip-up can expose billions in IP and sensitive health data. What's your take — do you think this will finally force better security practices, or is it just another headline that'll be forgotten in a few weeks?

• 
  Build Fast with AI (@BuildFastWithAI) reported 15 minutes ago

  The hardest part of building AI agents in 2026 isn't writing the code. It's knowing what your agent actually did. Your agent made 40 tool calls, called 3 LLMs, hit a rate limit, retried twice, and returned a wrong answer. Which step broke it? Without observability you're reading logs and guessing. This is what Laminar is built for. Open-source observability platform purpose-built for AI agents. One decorator. Full trace of every LLM call, tool execution, and custom function - automatically. What makes it different from generic APM tools: SIGNALS - describe failures in plain English. "Agent deleted a file it wasn't supposed to." "Tool call returned an empty result." Laminar reads every trace and produces structured events you can query, cluster, and alert on. No regex. No custom parsers. DEBUGGER - reproduce any agent run from any point in the trace. Swap the model. Change the prompt. Compare results side by side. You don't re-run the whole pipeline to test one step. EVALS IN CI - run evaluations against datasets locally or in GitHub Actions. Catch regressions before they ship. INTEGRATIONS - works with everything you're already using: LangChain, LangGraph, Vercel AI SDK, Anthropic, OpenAI, Browser Use, Stagehand, Pydantic AI, OpenRouter, LiteLLM, Mastra, Temporal, Playwright. One import. Full traces. Plus: raw SQL access to all your trace data, full-text search, MCP server to query traces directly from Claude or Cursor, PII redaction, and self-hosting if you need it. Open-source. MIT license. GitHub: lmnr-ai/lmnr. If you're running agents in production and you're not tracing them - you're flying blind. What's your current setup for debugging agent failures?

• 
  wispem-wantex (@wispem_wantex) reported 18 minutes ago

  I think a reasonable compromise would be to henceforth hold Anthropic responsible for any security breaches or service outages. Every time Github goes down, Anthropic should be fined

• 
  ˚₊‧꒰ა ☆ Kira ☆ ໒꒱ ‧₊˚ (@sheriffmongoose) reported 20 minutes ago

  the problem with jumping from github to gitlab is constantly having to retrain your brain to call it "merge request" instead of "pull request" 🥲

• 
  MarMar Labs (@MarMarLabs) reported 20 minutes ago

  "Start over from a screenshot." That phrase has defined the worst seam in product work — the design-to-code handoff — for years. This week it quietly stopped being a translation problem and became a sync problem. Anthropic shipped a Claude Design update (June 17) worth reading even if you never open the product, for the mechanism: → Import your design system from a GitHub repo (or design files / raw uploads) → Claude builds with YOUR components, checks its output against your design system, and corrects before you see it → /design-sync pulls your system in; hand off to Claude Code and it continues from your actual work "instead of starting over from a screenshot" → /design lets you create, edit, and sync design projects from the terminal The headline isn't "the model draws prettier buttons." It's grounding + self-verification against a source of truth you control. Same shape as the rest of 2026's agent releases: the win isn't generating more, it's grounding output in something you own and checking against it. The uncomfortable builder takeaway: Getting AI to ship production UI isn't a prompting problem. It's whether your design system is a clean, importable, machine-checkable artifact. The moat moves from "can the model design" to "is your source of truth importable and checkable." If you build product: could an agent import your design system and grade itself against it today — or does it only live in a Figma file and three people's heads?

• 
  pratik.eth (@eth_ethpratik) reported 26 minutes ago

  @Shahules786 @VibrantLabsAI Hello @Shahules786 , I am trying to report a security vulnerability over the email id provided over GitHub Security.md file but apparently its wasn’t delivered. Please share an alternative email or open the advisory for reporting the issue.

• 
  DFIR Radar (@DFIR_Radar) reported 27 minutes ago

  AutoJack: a three-flaw chain in AutoGen Studio's MCP WebSocket lets a malicious webpage rendered by a local browsing agent spawn arbitrary processes on the developer's host with no user interaction beyond visiting a URL. Key findings: - Three weaknesses chain together: Origin allowlist bypassed because the agent's headless browser is localhost (CWE-1385), auth middleware explicitly skipping /api/mcp/* with no handler picking up the check (CWE-306), and server_params decoded from the URL passed verbatim to stdio_client as a command line (CWE-78), accepting calc.exe, powershell.exe, or bash as valid "MCP servers" - Attack flow: attacker page serves JavaScript that opens ws://localhost:8081/api/mcp/ws/?server_params= with a base64 payload, agent's MultimodalWebSurfer renders it, AutoGen Studio spawns the command under the developer's account, no token required regardless of auth mode configured - Affected code never shipped in a PyPI release; exposure limited to developers who built from the main GitHub branch before hardening commit b047730, which adds server-side parameter binding via a POST/UUID flow and removes /api/mcp from the auth skip list - Broader pattern: any agent that browses untrusted content and shares a host with a privileged local control plane dissolves the loopback trust boundary, this is not specific to AutoGen. #DFIR_Radar