Pike Finance, a decentralized lending protocol, has suffered significant losses due to security breaches within a single week. The protocol was first exploited on April 26, resulting in a loss of $300,000. A subsequent attack on April 30 led to a further loss of approximately $1.68 million, totaling nearly $2 million in damages. The attackers exploited vulnerabilities in the protocol's smart contract functions, particularly those handling cross-chain transfers of USDC. In the second incident, they executed an 'initialize' function, adding a malicious address to the protocol's active variables, which allowed them to upgrade to a malicious implementation. The attackers stole 99,970 ARB, 64,126 OP, and 479 ETH in the process. This series of security breaches highlights critical lapses in Pike Finance's security measures.