If anyone is posting to your blog then you have provided them with the ability to do so either deliberately by adding them as official users, or foolishly by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
Who, aside from you, has access to your login information?
Go to your email program and change the password to a very difficult one because that's how many hackers gain access to blogs
1. If you can log-in go here > Users > All Users and delete any user that does not belong there.
2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
6. Set up two step authentication http://en.support.wordpress.com/security/two-step-authentication/
Then read this please knowing that blogs don't get hacked when security protocols are followed. > http://en.support.wordpress.com/security/
P.S. I flagged this for Staff follow-up.