CVE-2018-1156 and Winbox exploit

There are quite a few blog posts going around today that make it sound like there is some new MikroTik exploit. It’s not a new exploit; the discussion is about combining the already patched Winbox exploit with the already patched CVE-2018-1156 format string exploit. If a router is vulnerable to the Winbox exploit, then by combining these exploits you get total root compromise of the router. Upgrading, changing passwords or resetting the configuration cannot secure the device, as the exploit can install malware at the OS level.

If you’re already up to date and have changed passwords since the Winbox exploit, you are safe.

If you haven’t updated and have a compromised router, you must netinstall to secure the device. A working CVE-2018-1156 exploit can install all kinds of malware and services that are completely invisible to RouterOS. Winbox, SSH, etc. will show nothing out of the ordinary, but your device could be running credential sniffers, crypto mining scripts, brute forcers, spam relays and more.