Need Security Consultant for Cyber Security Threat

We received the below letter from the FBI related to a cyber threat. I need someone to review the letter and work with our team to figure out what happened and document it and also provide recommendations on how to make sure this doesn't happen in the future. These questions need to be answered: What remediation steps did Advantco take in response to this letter? Did Advantco undertake any forensic investigation on its own regarding the suspicious activity? Has the incident been resolved (i.e., Advantco determined there wasn’t any compromise of its systems)? ----------------------------- FBI Letter: Sir/Ma’am, Pursuant to Executive Order 13636, Section 4, the Department of Justice and Department of Homeland Security are responsible for sharing timely cyber threat information with targeted US entities. For the Federal Bureau of Investigation, this sharing is typically done in the course of investigative response to criminal and national security computer intrusions. During the course of an investigation, the Federal Bureau of Investigation identified indications that a cyber threat actor likely targeted an IP address registered to (company name). Suspicious behavior was first observed beginning on or around 1 May 2025 17:58:39 UTC and continuing through 13 May 2025 02:19:42 UTC using CVE-2025-31325, a file upload vulnerability in SAP NetWeaver Visual Composer Metadata Uploader. Suspicious activity was observed for the following IP attributed to (company name): 3.20.132.111 With a potential webshell or malicious executable uploaded at the following URI: /irj/helper.jsp The FBI respectfully requests the information provided not be stored or reproduced on your company's network due to the possibility of the infrastructure being compromised. Apply tot his job