lnl | 4 years ago
1) In the first case, chances are that I would realize this immediately and change my password, which I would have time to do as there is no actual attacker yet; only future opportunistic attackers. 2FA would be useful only if I not only pasted my password and 2FA code, but then did not even realize it. Then 2FA might help since by the time anybody notices this, the 2FA code would be invalid.
2) In the second case, if the phishing attack is not real-time (i.e. attackers are just recording my credentials instead of immediately logging in in my place), 2FA would help since the 2FA code they stored would be invalid when they tried using it. 2FA is less helpful in a real-time phishing attack, though having 2FA might still help since changing my login credentials would presumably require another 2FA code, so at least they can't lock me out (unless they can convince me that I need to enter another 2FA code, which I guess is possible if I was absent-minded enough to fall for it in the first place).
In any case, I don't worry much about these scenarios and I agree with you about 2FA; that's why I don't usually bother with it except in cases where websites freak out because I keep logging in from foreign IPs with no cookies. Then 2FA is useful because it makes the website trust my login, at no additional inconvenience to me as KeePass auto-types the 2FA code just like my password, so I don't mind enabling it when I can.