I wouldn't say there is too much trust in witnesses as they are elected by stake-holders. But I can see the argument that there is too much trust in the community to properly select and manage their witnesses.
I'm curious, however, when and what type attack on the Steem blockchain are you talking about? Is it a major attack? (overwriting blocks, altering the history) or something less serious? (spamming, collusion) One could argue that those less serious attacks aren't really attacks but roundabout ways of mining the blockchain. I've seen arguments that such behavior could be seen as a "roundabout" Proof-of-Work.
It was altering history. And you will have to try to find the posts on it. Some people posted about it.
IN POS systems, ... well, in all human systems, cliques form. And, it is not unlikely that a clique will find itself with enough power to change things.
It is because those who get in early are usually friends, or friends of friends. They are not independent actors.
I like Reddcoin working at paying people to all have their wallets open, and the wallets all verifying. I wish to look into it more.
And i agree, that next year, there will be something that blows POS and POW out of the water.