The attackers exploited two zero-day vulnerabilities in Ivanti Connect Secure to gain initial access to MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) in late December 2023.