Less vulnerable to it due to the PoW algorithm it uses, but if it did happen it could go undetected.

Because RandomX can only be performed on a CPU, you'd have to marshal a pretty massive botnet to 51% attack Monero. Like more than 100k servers.

There's not even enough hashpower available on Nicehash to pull it off.

If somebody were able to coordinate the top 3 mining pools they could do it, but as the P2Pool share of the hashrate grows this gets harder.