Thanks, EMSC and Marc_C. I had been stumped by what was creating that, and after trying to identify the issue I put it on hold over the weekend so that I could ski. That turned out to be a mistake, for it was a hack.
Many folks noticed that FTO was taken down this morning. That's because a spammer who had implemented that hack used the exploit to upload PHP files to the server to send spam emails using our machine. At the time it was taken down around 7:30 a.m. the script had queued some 31,000 emails. In a way, though, that was a good thing because it created the hint that I needed to understand what had been done.
We're now back up and running after identifying the exploit, removing the offending files and scripts, and strengthening site security to patch that hole. You'll also notice that the featured content is now functioning normally.