The MITRE Corporation revealed on April 19, 2024 that a nation-state actor compromised its systems in January 2024 by exploiting two Ivanti VPN zero-days vulnerabilities. According to a statement made by MITRE, after detecting suspicious activity on its Networked Experimentation, Research, and Virtualization Environment (NERVE), a collaborative network used for research, development, and prototyping, compromise by a foreign nation-state threat actor was confirmed. In response, MITRE took prompt action to contain the incident, including taking the NERVE environment offline, and launched an investigation.
MITRE is a US non-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various US government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others. In March 2021, MITRE created the MITRE ATT&CK Defender training program to educate and certify cybersecurity professionals.
Read more about it here.