@venditdevs "simplefilemanager", looks like someone else must have also reported the compromise with them using a different module.
It's horrific that Prestashop didn't appear to take your report seriously in November 2025. I suspect this is possible down to a failing of there support quality (whenever I have contacted them in the past it has been pointless). Either way, something this serious should be very clearly communicated (fully explaining how it may have happened (even if it turns out that's not the case).
It's clear it hasn't been clearly communicated as if it had, this forum would be flooded with people asking what to do and how it happened.