What's the reason for this shift? Non-interactive sites may not seem to pose a security risk in the way ones with user forms do. But man-in-the-middle attacks
can compromise them as well. A malicious relay point can alter links or inject unwanted or dangerous ads. It can replace an entire page with counterfeit data.
Public Wi-Fi hotspots are highly vulnerable. Connections to them aren't encrypted, and it just takes some simple equipment to intercept communication with one. Alternatively, criminals can create a public hotspot, give it a name that sounds like an authorized service, and then use it to manipulate any connections people give it.
Another trick is DNS manipulation. Criminals or state actors trick a DNS (domain name service) server into providing incorrect IP addresses. Traffic intended for a legitimate website goes to a rogue one, instead. With an HTTPS connection, the browser will warn the user that the certificate doesn't match. A plain HTTP connection won't give any warning.
Many people use proxy servers to conceal their identity or bypass restrictions on access. The people who announce that a free proxy is available aren't always honest. They could alter or replace any content that passes through them. They could replace ads on a page with their own, and most people would never realize it was happening.
Your own Internet service provider could be manipulating what you see. In 2014, Comcast was caught injecting ads
into pages accessed on its public Wi-Fi hotspots. The owners of the pages hadn't consented. There have been reports of similar ad injection on a smaller scale by local access point owners. If they had used HTTPS, no hotspot could have injected ads.