I have exactly the same problem.
Hidden porn links were inserted into the code of recent posts and the comments and ping settings are switched off. I also noted that a new Administrator user was set up (which I have promtly deleted).
I thought it was because I was using an older version, but I upgraded an still get the spam porn links inserted into my posts.
Any idea how to stop it? Or is there at least a common IP address that all these attacks originate from, which I can get my host to block?
