While working on the Helm source, a Helm core maintainer discovered — whoops! — that you could all too easily set up a situation where the username and password credentials associated with one Helm repository could be passed on to another domain.
Read full article on The New Stack