The Bitcoin DeFi protocol ALEX Lab suffered a security exploit on June 6, 2025, resulting in the unauthorized removal of digital assets totaling over $8.3 million. The attack exploited a flaw in the protocol's programming logic, draining assets from multiple liquidity pools, including 8,403,867.57 STX, 21.85 sBTC, 149,850 aUSD, and 2.8 aBTC. This marks the second major security breach for ALEX Lab, following a leaked key incident the previous year. The project has committed to reimbursing affected users fully from its treasury, with individual notifications planned and a reimbursement deadline set for June. The incident highlights ongoing security challenges within DeFi protocols, as complexity and vulnerabilities continue to expose projects to sophisticated attacks.