MODX has a pretty good track record of being secure, but that doesn't mean it's invulnerable. Today MODX Revolution 2.6.5 was released with critical security fixes that can lead to a fully compromised site.
You should start upgrading your sites immediately. If your sites are hardened (with all MODX directories renamed or moved), that only offers limited protection against the patched vulnerabilities, so you should still upgrade.
Update July 20th: These vulnerabilities are being actively exploited, with sites getting hacked all over the web.
Gallery 1.7.0 is also vulnerable to a similar vulnerability. If you use Gallery, upgrade that to v1.7.1 immediately.