Yesterday my CF account was hacked as someone changed the email and password.
Fortunately I was able to recover and enabled 2FA yesterday. Hacker added html Js redirect through the ‘Apps’ available on CF. I deleted them yesterday.
But today also I see the same problem that my website traffic is being redirected to the other domain. And the method was same an App was created in CF Apps.
My question - How it is possible? does any one still have access to my cf account even I have changed my pass and enabled 2FA?