One thing that makes me wonder is that there were 4 security issues raised and all of them were automatically commented on and closed by some bot called `pl-ghost` [1][2][3][4]. In the end, only this one [4] was properly handled, and all bot comments were deleted. You can see the bot comments in another report [5], which is more informative than the OP one.
Andy from Lightning here. Yeah, the PyPI credentials were stolen through the compromised pl-ghost bot account. The attacker used this account to create a new Actions workflow, which was run and parsed out the secrets for PyPI. After releasing the package, the attacker then used that account to troll us a bit with those comments.