I've now seen 2 hacks for the mifi.
First is one against the pre-set WPA-TKIP PSK's that are based on the mac address of the access point, and have limited entropy. That one is something you can completely mitigate by doing the usual smart thing of changing your SSID to something unique (for which no one is likely to have precomputed PSK hashes lying around cn their hard drive), and setting a strong, long, random pre-shared key. For bonus points, strengthening your config with WPA2-AES vs the default WPA-TKIP gives and extra cushion.
As for the admin interaface hack linked earlier, that one is going to require a firmware update, best I can tell once they come out. NoScript would be well advised of course, but even it won't be complete protection.
I need to get more familiar with the admin interface hack before saying much more though.