Someone logged in to my site today (from Romania, according to the log - I'm in the US) and created a bunch of spam domains. (One was "powder.biz", which is registered to someone in Pakistan...") There is no possible way they could have guessed my password - before I changed it, it was U2Pvf$k_3x. I am extraordinarily careful about my password - I only ever log in to my Plesk install from my home computer, and only over https. This leads me to one conclusion - there's an exploit in the wild. Has anyone else started seeing this?