This March 2008 post from the internal NSA newsletter SIDToday, describes the Menwith Hill station’s success in intercepting the video feeds from Israeli F-16 fighter jets and drones: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016.
This post from the NSA’s internal SIDToday newsletter, dated 6 May 2010 and attributed to the Menwith Hill station describes NSA, CSEC and GCHQ’s acquisition of emails already exfiltrated by another actor: see the Intercept article Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise, 4 February 2015.
This 7 January 2008 post from NSA Menwith Hill Station’s internal Horizon newsletter describes the practice of piggybacking on other states’ computer network exploitation operations: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This undated GCHQ document reporting on the activities of its installation at Bude in Cornwall, describes the infiltration of three German satellite comnunications providers, Stellar, Cetel and IABG. The document includes server details, network graphs, customer login details and the personal details of network engineers: see the Intercept article New Zealand Launched Mass Surveillance Project While Publicly Denying It, 15 September 2014.