leave it in exchange wallet?
- Some of the traders doing this things if the exchange has a good reputation or belongs into top 20 exchangers.
Isn't it too risky?
- Its risky almost all exchange platform actually. But you can google authenticator/2fa to prevent hackers.
Just because an exchange moves a large volume or is reputable, doesn't make it safe. Mt Gox was very reputable and was dealing with about 70% of the entire market before it was hacked. I would definitely be avoiding smaller exchanges, but just because an exchange is large or well known doesn't necessarily mean it is safe.
Using 2FA is a good idea all round, and will help to prevent people from hacking your individual account, but it does nothing to prevent against exchange hacks.
Store in a hot or cold personal wallet?
- it is much better to store in cold wallet like Electrum
Electrum isn't necessarily a cold wallet. Downloading and using Electrum on your internet connected computer is a hot wallet, and whilst better than an exchange, is still not that great for security. Electrum would only be a cold wallet if used on an airgapped computer or as an interface for a hardware wallet such as a Ledger Nano.