Official EoL from the Python foundation was back in 2020, but the vendors providing Extended Lifecycle Support are still putting out regular patch releases.

ActiveState puts their releases on GitHub. Look around and you can find similar from RedHat (RHEL7 ELS), TuxCare etc.

If you still got Python 2.7 apps on production, you don't need to be stuck on old operating systems and using a base Python with known vulnerabilities.

Any analysis of significant packages, runtimes stuck on 2?

I know of one in a routing security context. Tried to gin up funds to fix this a long time ago, failed. The runners are apparently content to sit.

I know of a few of highly custom enterprise systems. I still do a fair amount of consulting hours on 2.7 codebases. There is no technical reason why they couldn't be migrated, it just economics (or vendor management with incentives to not make it happen). The systems get to age out and are replaced with something else or rewritten from scratch.