So, I could spend some of my unspent outputs, and then I could sell (or give) those useless (worthless) now spent outputs to someone else. If they can manage to collect up >50% of the outputs that were unspent at that point in time (even if they've all been spent since then), then they can mount an attack.
Perhaps my understanding is flawed? This is where I thought the biggest vulnerability was.
That is generally correct to my understanding as well.
Many POS security schemes limit how many blocks deep you can do a reorg, so the "at some point in the past" is limited to a somewhat recent past, but the issue still remains.
A person can keep buying coins and selling them, and trying to attack after selling them, so there is essential no cost to the attack, and as such has been dubbed the 'nothing at stake' issue.
The higher cost of a 51% attack by PoS is an enticing goal, but I don't think anyone has been able to show how to achieve that while addressing the other security concerns.
A hybrid PoW/PoS system also sounds like a good idea, but each such variation has it's own challenges and drawbacks.