Malware issues
I had some botnet problems arise on my Linux box, so I know how these things go. I still have no idea how they managed to execute commands from the web server and cause the www-data user to run an eggdrop IRC bot along with a menagerie of IRC stuff, but it did, nonetheless. Luckily I run the web server as www-data or it would have rooted me, and that's definitely not good. After updating Wordpress, Apache, PHP, and other things, it seems to have gone away. That, and I blocked the IPs that were constantly scanning me and the providers of the malware in the iptables firewall, which really took a chunk out of the botnet's ability to take over my server. Netstat and tcpdump are your best friends when dealing with this type of problem. Most of the addresses were in China, Russia, and other such places.