The buzz around the net lately has been about how WordPress is the target of a Brute Force attack, whereby people are trying to crack into your WP site by hammering the login page until it cries uncle.
It's important to remember that this kind of attack is not specific to WordPress. WordPress is just too darn popular. If you're getting really hammered and can't even get to your server to install plugins or tweak .htaccess, contact your webhost immediately. They're the ones who can help you best in that moment.