"Kenin said malicious actors were exploiting a vulnerability in the routers that MikroTik had patched in April -- just one day after the flaw was first discovered."
So an exploit was found (it happens) and patched within 24 hours.
From memory, this was only vulnerable if you didn't block incoming Winbox traffic on your WAN port (which is of course good practice, and I believe the default configuration).
Upgrading a MikroTik router is a matter of running "system package update install". You could stick that in a scheduled script if you wanted.
Upgrading a Cisco or Juniper router requires things like support contracts, TAC accounts, and other nonsense, then in many cases doing things like using TFTP (!!) to copy a binary to the router, then ensuring you have a serial connection (!!) to the switch for when it breaks.
Upgrades on MikroTiks are so simple. I used them for over 10 years and never once had a problem.
In my previous experience both from my ISP days and some time in a corporate IT "networks" department, almost nobody upgrades their "enterprise" (Cisco) routers or switches. It's too risky.
Sounds more like a track record of owners not patching their routers. Every brand of network devices has had serious security flaws. At least MikroTik is cheap and functional.
MITRE/CVEs: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Mikrotik
"Most MikroTik routers fail to get patched a month after severe security issues disclosed" https://portswigger.net/daily-swig/most-mikrotik-routers-fai...
"Finding and exploiting CVE-2018-7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)" https://movaxbx.ru/2020/01/29/finding-and-exploiting-cve-201...
"Coinhive malware infects tens of thousands of MikroTik routers" https://searchsecurity.techtarget.com/news/252446369/Coinhiv...