Sometime yesterday, my site was hacked. Upon further investigation, it looks like someone uploaded a new index.php for my theme.
Is there a vulnerability somewhere that needs to be patched? I don't know enough about how WP works to know for sure.
If you need me to post a zip of my compromised theme directory, let me know.