This undated GCHQ presentation gives an overview of the agency’s use of hacking techniques, including an explanation of what it perceived the legal position to be at the time: see the InterceptHow U.K. Spies Hacked a European Ally and Got Away With It, 17 February 2018.
A June 2010 report from the NSA internal newsletter SIDtoday, authored by the chief of the agency’s Access and Target Development, describes the interdiction and backdooring of “shipments of computer network devices (servers, routers, etc.)”: see the book No Place To Hide, 13 May 2014.
This extract from an undated NSA document describes the planned capability of the automated malware injection system Turbine as extending to “potentially millions of implants”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.