Does PoS risk placing control of the blockchain in hands of exchanges and bridges

COB exchanges such as Coinbase plan to offer staking, which I presume means they will have some say over how the validator nodes performing staking will process transactions.
Bridges to other blockchains will in some instances hold funds as collateral backing the IOUs they mint representing Ethereum and other assets on other L1 or L2 networks.
I can also see that if exchanges or bridges were hacked in the future, the hackers would gain some say in block validation, whereas at present they would have to steal physical hardware.
Are we moving from “something I know” (seed phrase), “something I have” (GPU); which is more akin to 2FA, to 1FA?

Looking for a positive way to end this post. Hoping by posting here instead of Reddit etc we can have good discussion - I’ve learnt solidity development in recent months, looking for problems to work on, this one seems pretty important.