Russia-linked hackers compromised more than 284 email inboxes across Ukraine and several NATO member states between September 2024 and March 2026, targeting prosecutors, anti-corruption investigators, and military officials, according to data reviewed by Reuters. The breach was uncovered after the hackers inadvertently left their server exposed to the internet, allowing British-American cyber threat researchers at Ctrl-Alt-Intel to access logs of successful intrusions and thousands of stolen emails; the group attributed the operation to "Fancy Bear," a hacking unit linked to Russian military intelligence. Victims included staff at Ukraine's Specialized Prosecutor's Office in the Field of Defense and its Asset Recovery and Management Agency (ARMA), as well as dozens of accounts at Romania's Air Force, Greece's Hellenic National Defense General Staff, and military and local officials in Bulgaria and Serbia — suggesting Moscow used the campaign both to monitor those investigating Russian collaborators in Ukraine and to conduct broader espionage against allied and friendly nations alike.