COMSEC has two presentations this week at the annual S&P conference. Blacksmith shows that all TRR mitigations deployed in (LP)DDR4 devices are vulnerable to non-uniform access patterns and ProTRR shows how one can build a space-refresh optimal in-DRAM TRR mitigation with principled security guarantees.
We also have a paper called Spring at the co-located WOOT workshop that shows how to revive Spectre-RSB in the browser. Spring led to a deployed patch and a bug bounty by Mozilla.