Wonder if publishing keys were compromised in one of the previous PyPI incidents...