There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords. The SANS Internet Storm Center has posted an analysis of the WordPress attack script, which was found on a virtual private server. The script has the added ability to allow an attacker to run it on a number of different servers at the same time, as the passwords it tries are stored in a database that can be accessed remotely.
Source: https://threatpost.com/wordpress-installations-under-brute-force-attack-113009/73170/