A recent study highlights that attackers who strategically choose when to strike significantly reduce the safety of AI control systems, with safety estimates potentially being overly optimistic. The findings suggest that future evaluations should account for attack selection to provide more accurate safety assessments.