News has broken that a huge DDOS attack has been going on recently. Nothing new there, but what is different this time is that the XMLRPC interface of WordPress is being used as indirect source amplification vectors.
There’s more information on the Securi Blog, and they’ve created a check tool to see if your site is being misused as part of this attack.