They sound scary, I found the explanation as to what they actually are on Mozilla's site to be rather lacking, and I don't see any need to have them -- I've had them disabled for at least a year, and everything works fine.
Service workers are used to cache a web app locally in order to make it load faster, and (if appropriate for the app) even run entirely offline. They also enable push notifications, though only after you explicitly allow them. You can read more about this under the umbrella term 'Progressive Web App' (PWA).
I am not aware of any attack vectors specifically related to service workers -- it's just normal JavaScript, but with more restrictions.
The impression I got was that it's JavaScript that can run even after I close the page, which sounds undesirable to me. I could be wrong about that, but like I said, I spent 5 or 10 minutes trying to understand Mozilla's page about it and ended up with more questions than answers.
Before I disabled them, I saw a ton of service workers registered from sites that I visited once and likely will never visit again, so even if there are no attack vectors, it seems like it's at the very least, "stuff that I don't need."
> cache a web app locally in order to make it load faster
Uh, isn't there already a browser cache for this?
> run entirely offline
No thanks.
> push notifications
No thanks. :)
Like I said I've had them disabled for a long time now and haven't had any issues, so at this point I'm not going to think about it again until and unless stuff I care about starts breaking.
The question becomes, why not disable them?