No worries, the site was secured with updating all the plugins, theme and WordPress core, checking for any threats in the sites setup.Creating new secure passwords for all users, as well as activating the firewall and login-protection within Malcare.
For some sites requiring extra protection, I usually harden the security with Malcare, blocking the execution of PHP in folders such as cache or uploads, disable the Files Editor in the dashboard, and block all Plugin and Theme installation.
