Holy Shit, I’ve Been Hacked

Apparently there is some WordPress vulnerability that allows someone to replace my header file with a whole bunch of viagra links. Awesome.

Anyway, it actually overwrote the file on the server, so my design is all busted and I don’t have it backed up in any way.

I’ll be upgrading WordPress and fixing my site theme. This may take some time. Bear with me.

No, this is not an April fools thing. I actually got haxx0red, for realz. :/

Update: Alright, I’ve upgraded WordPress and removed the viagra links. It appears that someone was able to override my footer.php and header.php files for my theme. To an extent, I’m not terribly surprised, as those files are set world writable so that WordPress can write to them, allowing me to edit from the admin console.

This whole thing could have been much worse. The hack left my database untouched, all of my blog posts look the way they are supposed to. All it did was modify the files to my theme.

That said, because it so thoroughly destroyed my theme and I didn’t back my theme up on my local machine (it’s just a blog), I have set the site to use the default ugly WordPress theme until I can work up another one. It’s just as well, I was sick of the old one anyway.
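The two things described above, theme files left world writable and a header or footer stuffed with spam links, are both easy to check for from a shell. The script below is an added example, not code from the original post or from WordPress: it builds a throwaway copy of a theme directory (the wp-content/themes/mytheme layout and the file contents are constructed for the example), lists every file that anyone on the box can write to, counts anchor tags in a template file, and strips the group/other write bits.

```shell
#!/bin/sh
# Added example (not from the original post). Paths and file contents are
# constructed here so the script runs offline; point the functions at a real
# wp-content/themes/<theme> directory to use them for real.

# list_world_writable DIR: print every regular file under DIR whose mode
# grants write permission to "other" (the -002 bit), which is the setting
# the post describes for header.php and footer.php.
list_world_writable() {
    find "$1" -type f -perm -002
}

# count_world_writable DIR: number of files list_world_writable would print.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# anchor_count FILE: number of <a ...> tags in FILE. A theme header or
# footer normally carries a handful; hundreds is the symptom in the post.
anchor_count() {
    grep -o -i '<a[[:space:]]' "$1" | wc -l | tr -d ' '
}

# harden_theme DIR: remove the group/other write bits from every
# world-writable file under DIR and print how many files were changed.
# After this the web server can still read the templates, but editing them
# from the admin console (which needs the server to write them) stops working.
harden_theme() {
    dir=$1
    changed=$(count_world_writable "$dir")
    find "$dir" -type f -perm -002 -exec chmod go-w {} +
    echo "$changed"
}

# build_sample_theme: create a constructed theme directory with a
# world-writable header.php full of spam links, a world-writable footer.php,
# and a correctly protected style.css. Prints the temporary root directory.
build_sample_theme() {
    root=$(mktemp -d)
    theme="$root/wp-content/themes/mytheme"
    mkdir -p "$theme"
    printf '<?php // header ?>\n' > "$theme/header.php"
    i=0
    while [ "$i" -lt 50 ]; do
        # constructed spam links; the domain is the reserved .example TLD
        printf '<a href="http://spam.example/%d">buy</a>\n' "$i" >> "$theme/header.php"
        i=$((i + 1))
    done
    printf '<?php // footer ?>\n' > "$theme/footer.php"
    printf '/* css */\n' > "$theme/style.css"
    chmod 666 "$theme/header.php"
    chmod 666 "$theme/footer.php"
    chmod 644 "$theme/style.css"
    echo "$root"
}

# Stand-alone run: report, fix, re-check, clean up.
if [ "${1:-}" = "--demo" ]; then
    root=$(build_sample_theme)
    echo "world-writable before: $(count_world_writable "$root")"
    echo "anchors in header.php: $(anchor_count "$root/wp-content/themes/mytheme/header.php")"
    echo "files fixed: $(harden_theme "$root")"
    echo "world-writable after: $(count_world_writable "$root")"
    rm -rf "$root"
fi
```

Run it with `--demo` to see the before/after counts on the constructed directory. Fixing the permissions closes the write path the post relied on for console editing; a backup of the theme under version control is the other half of the fix, since a hardened file can still be replaced by anything else that runs as the web server user.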

Extra Update: I just wanted to share the comment that informed me something was wrong with my site. It’s humorous. These were both anonymous:

Real quick…I want an explanation for what the hell happened to your site or I’m reporting it to your hosting company and to Google. Two days ago I found this post and this site through Silicon Alley Insider and bookmarked it because I liked the blog design and wanted to work on something around it. I come back tonight and obviously the CSS file is gone. I clicked “view source” and not only is there no CSS file, there is no document head, no robots file, but there are about a thousand links to spam drug sites embedded in the source? You really don’t want me screencapping and posting this here and there, and you definitely don’t even want me to get started with Google, of all companies, reporting your ass if this isn’t a case of your website being hacked.

Then later, same person:

You can hold my comments for moderation, I don’t care. I think you’re fucked either way. Looks like this site is owned and operated by the (fictitious?) Rod Hilton, whose own website is on a Google server. Try explaining that and all the spam links served to this site dynamically, viewable in the page source, before I get going on explaining it for you. You definitely don’t need to show my comments here to bury yourself in a world of shit.

Jesus, what a spazz. Well, thanks for letting me know my site was hacked, even if you did so by being a crazy person.