This talk was presented at bugSWAT. Video of the talk is at https://youtu.be/B5ZyYTKp4gc
Talk features:
Password manager issue with iframe/CSP sandbox
https://crbug.com/825258, https://bugzilla.mozilla.org/show_bug.cgi?id=1426767
Stealing audio data with HTTP redirect
CVE-2018-6161, CVE-2018-4278
Multiple SOP bypasses with Service Worker
CVE-2018-6093, CVE-2018-6099, CVE-2018-6159, CVE-2018-6164, CVE-2018-18352
SOP bypasses with HLS
CVE-2018-16072, CVE-2018-4345, CVE-2018-4345
Site Isolation bypass
CVE-2018-18345