We found a hack on one of our old inherited client sites that hadn't been updated in a while. Site was functional but Google search results was showing a hijacked title and description in Japanese for auto parts. Most likely a failed attempt to set up redirects / increase SE visibility.
We installed Defender which helped us get to the issues which was great. Fantastic plugin.
An XML file had been injected and htaccess modified and Defender didn't pick these up. I'm not a security expert so just letting you know.
We've since taken the steps to scrub the compromised files and update all vulnerable plugins. Are these kind of attacks likely to be in the scope of Defender in a future release?