In my first incidence of this, apparently an application that I authorized for my twitter account was either compromised from the server side, or something similar, as twitter spam started going through my account.
Just like we perform maintenance on our computers, change passwords, and other spring cleaning, on any services where you authorize applications/services to access your account, it's a good idea to check through those, delete any that you don't use, and reassess whether you trust those that do.
Unfortunately, twitter didn't tell me which app was abusing- just that it seemed that some application that I had given access to was abusing that access.
The more you know...