Pending Acquisition by Qualcomm Technologies (critical) Qualcomm Technologies announced an agreement to acquire Arduino, the Italian-Swiss open-source electronics company. This represents a critical, imminent change in corporate ownership and strategic direction, potentially impacting the open-source community model and future product lines.. Alleged Database Breach and GDPR Violation Discussion (high) Public discussion and alerts regarding an 'Alleged Arduino database breach' and 'GDPR violation' are present in professional forums and social media, prompting advice to 'Limit Cloud Exposure.' While the outcome is unclear, the existence of these public allegations indicates potential compliance and data security risks.. Historical Executive Misconduct (CEO Fabricated Credentials) (medium) Former CEO Federico Musto (who led Arduino SRL and briefly Arduino AG) was reported by Wired in April 2017 to have fabricated his academic record, falsely claiming a Ph.D. from MIT and an MBA from NYU. Musto later admitted he had never earned these degrees. Musto was replaced in July 2017.. Historical Trademark Dispute and Governance Instability (medium) The company experienced a significant internal trademark dispute (Arduino LLC vs. Arduino SRL) starting in 2014 after co-founder Gianluca Martino secretly registered the trademark in Italy and refused to pay royalties. This led to a lawsuit (Jan 2015) and a major rift in the development team before the companies merged in October 2016.. Alleged Production Database and AWS Key Breach (critical) An alleged security breach was reported on an underground forum, claiming access to critical production resources including AWS Keys and S3 buckets (specifically 'arduino-terraform-remote-state'), fresh production dumps, and database backups ('eu-west-database-prod-backup'). The attacker also hinted at the capability to misuse tens of thousands of IoT devices as proxies.. Recent Software Quality Control Failure (IDE Auto-Update) (medium) The auto-update feature was 'broken in Arduino IDE 2.3.5,' meaning the software would not notify users of an updated version, even when manually triggered. This required a subsequent patch release (2.3.6) to fix a core functionality failure.. Open Source Licensing Conflict (SD Library) (medium) A GitHub issue was raised concerning a potential copyright violation, noting that the 'SD library is GPL v3.0 not LGPL 2.1+.' This highlights potential non-compliance with expected open-source licensing terms, which could complicate commercial use or integration.