We always appreciate constructive criticism and feedback, and it is what helps us keep delivering our best. That said, we are 100% certain and can guarantee you that Unicon is working perfectly as-is and does not have any security flaws.
A possible reason for a site being hacked is a weak password or a faulty plugin. I suggest rolling back to an earlier backup and installing a security plugin. If you did not make any backups, I would export your site, change all passwords on your site, FTP, server, and DB. Ideally, wipe all files from your hosting and do a clean installation of everything you need. Then import your content again.
For the future, I suggest updating along with the theme & plugin updates. We always keep this theme up to date with the latest plugin versions. But it’s up to users to update them. You may also want to read articles dedicated to WordPress safety and implement measures described (like changing the “admin” username, strong passwords, changing the route to the admin page, auto block, etc.).
And if you ever have any questions or concerns, we are looking forward to helping you!