Based on the first screenshot, it seems that the hacker was only linking from the http version of your website, which indicates it was done before you configured your site to redirect to https. Is this http to https something you set recently? These links should vanish from Google Search Console report within several weeks, as the redirect is now being imposed to https, where theses links will return a 404.
The fact that it lists links from
http://example.com/ means it was probably a smart hack that detected Googlebot user agent and act accordingly. Very likely, while this hack was still active, a visitor not coming from known bots would be redirected to another website.
The fact that the hack is no longer active, as far as redirecting from http to http, does not mean the hacker went away. You need to figure out how a hacker had access to your website in the first place.
If you are the only person with admin access to your website, make sure the computer(s) you use to access the admin areas are malware free, and change any access passwords no matter how much you love them. Also check your home and office routers, change their passwords (never keep the preset passwords given by the manufacturer or ISP).
If other people have admin access to your website, cut this access and just renew it when they need it, forcing them to also change their password for a strong one. By access to your website I mean both access to any application that you may use to generate/edit/config your pages AND your access to your account with your hosting provider, including FTP/SFTP/SSH access. Make sure to require 2 factor authentication for access to your hosting account if available.
Cloudflare has a great tool called Access, which you can use to block public access to areas of your website that should be only seen by admins. You can create a rule to only allow visitors with specific emails. This would force you and them to authenticate a visit every so often, and all public access to your admin areas would be restricted.