The recent REST-API vulnerability which was fixed in WordPress 4.7.2 is having a widespread impact on WordPress security. It allows attackers to modify the content of WordPress posts without authorization.
If you are using Wordfence Premium with your firewall enabled, you are fully protected against this attack, even if you have not yet updated WordPress.
WordFence is currently tracking 20 defacement campaigns, many of which are very successful at changing content on WordPress sites. This morning (02/09/2017) they published data showing which website defacement campaigns are currently active, how attackers have switched to using the REST-API exploit and how it has massively increased their success rate in attacking WordPress.
WordFence can also show how attackers have evolved their attack technique over time and how they are competing against each other to deface WordPress sites. They include data on the top attacking campaigns and IPs in the above referenced article.