I use privacy badger, and unless I'm mistaken, it doesn't use a list to block content, it just blocks any 3rd party request that send cookie information.
Edit: the linked issue is regard "instart" which seems to exploit a Chromium flaw that allows it to disguise third-party cookies as first-party, preventing filtering based on that categorization alone.
It seems it's getting harder to rely on browsers working how they were originally intended.
Instart is a MITM service like Cloudflare. It more or less partners with adproviders to serve thirdparty requests through a proxy on the first party ___domain.
Because that means you might be blocking legitimate stuff too.
My company, https://TalkJS.com, makes a pluggable messaging component. Customers embed it in an iframe, created by a 3rd party (from their perspective) hosted js file. Currently, it doesn't rely on cookies for security but we easily might change that.
Same for other pluggable content, say Disqus and many more. I would be very sad if an ad blocker would block us because we dare use appropriate tools for security.
Why are we relying on a list?