There is a first time for everything. One of my WordPress sites had malware installed which caused the homepage to redirect to some spam site. Things were much simpler when I used Moveabletype and delivered flat files.
The problem is solved for now, but I still have no idea how “they” managed to get access, nor do I care much to go down the rabbit hole that is exploring all the ways to securing a WordPress install. I already do the most obvious.