If I might jump in ... I assume they're listed as written by you?
One other thing: your sentence ready "I don't have any other users allowed on my blog except me as the admin."
This could be read two ways:
1 - You are the only user that is the admin (which implies other users, just with a lower status
2 - You are the only user, and are the admin
If the latter (which I am assuming), and if there is no other publishing process enabled (that is, XML-RPC and Atom Publishing are off), then consider changing your password.
If the former, then if they are contributers, all their posts would get "pending" status.
Also, you left a query a while back about posting directly via PHP: http://wordpress.org/support/topic/171780
Could whatever you implemented be the security hole?