To be fair, that hacking description is only for SMS text based 2FA, and that demonstrates exactly why SMS text based 2FA is not considered very secure.
Your best bet is with an authenticator app, like Google authenticator.
Email based 2FA is somewhat secure if you happen to have an manage your own email domain and servers, and you know how to do it right… and your IT sec discipline is well developed.
There was a time when authenticator apps were easily hacked because the device OS’es would allow apps to do a screen capture without the user ever having to grant that app permission. But mobile device OS’es have since been improved to not allow that.
No authentication method will ever be unbreakable. Whether it is a the first layer of authentication or the second… or third.
Which drives home the key point – you need strong/complex/non-memorable passwords and 2fFA. 2FA isn’t there to allow you to have a weak password, it is there to make it highly unlikely and pragmatically impossible for someone to breach your password AND breach your second layer of authentication.