I just finished cleaning up the results of iFrame injection attack that occurred with WP version 2.5.1
I discovered the problem while going to update to 2.6, so hopefully the issue has been resolved. However, for everyone out there who has not upgraded, or for anyone who wants to make sure they have not been compromised:
Your blog has a cool search feature. Being that almost every iframe injection will be inside a post, you can simply search "iframe" in the manage tab and it will find it. Searching by hand is time consuming, let smarter robots work for you ;)
Also, be sure to change your admin password if you do find a problem, in case it is less injection and more hacked admin account.