I have discovered something slightly disturbing today. I logged into my WP admin area, to discover that two comment spams came through. But that wasn't the disturbing part. I've been wondering why I haven't been receiving any comment notifications via e-mail, so I went to OPTIONS > DISCUSSION to check my DISCUSSION OPTIONS settings.
Somehow, the "Email me whenever... Anyone posts a comment" checkbox was unchecked. Furthermore, under "Comment Moderation," where it says, "Hold a comment in the queue if it comtains more than ___ links," somehow, the variable had been entered by someone, or something, other than myself as "666."
I am wondering if anyone out there is aware of the file or files in which the admin options settings are stored can easily be hacked without logging into the admin area. Or, is it possible that someone just figured out my password and is playing games with me? I'm not sure how someone could have figured out my password, but nonetheless, I have changed it.