In most cases, the alert will serve as an indication that the website needs to update its credentials, rather than a warning that someone is trying to do something sinister with your information. Nonetheless, proceed with caution if you do decide to input sensitive data on these sites. Interactions with HTTP sites are broadcast unencrypted across the globe, and can be interfered with to insert ads, malicious software and trackers, or to redirect you to fake websites where passwords can be intercepted.
HTTPS sites, on the other hand, are more secure, although adoption has been slow. While upgrading is easier now making the change can still mean a lot of work for administrators, so Chrome's backlash against HTTP has caused irritation in some circles. Josh Aas, executive director of Let's Encrypt, told CNET that "Some people just don't want to do the work to secure their site, and at the same time they don't want the fact that it's not secure to be communicated to their visitors."
Nonetheless, Chrome plans to persevere with its HTTPS agenda. By Chrome 69, due in September, secure sites will simply display a black lock icon, instead of the green padlock and word "secure", emphasizing the fact that HTTPS sites should be the norm. Come Chrome 70 in October, the "not secure" warning on HTTP sites will change from black to a more noticeable red.