If you have not at least setup user/pwd access to your node-red then there is a good chance it has already been hacked, so you may need to rebuild your system.
After you have stopped the port forwarding and stopped node-red (as it may now be running flows that go out over the internet, mining crypto etc) then see this FAQ post for advice on how to safely access node-red over the internet.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy