Idk how my point about ASICS applies to Monero mining software. Xmrig is the main software and its free and open source 
its a very small codebase. Bitmain ASICS are proprietary hardware. Perhaps you could elaborate on that.
Relating to attacks, I made the point that state adversaries don't need to outcompete the current mining market. They can use lawfare and regulations to control each giant mining company. This is extremely cheap for state actors, and in the case of taxation, can be profitable. Also hardware level backdoors via Bitmain are a genuine threat too, at least according US intelligence. Can't do that on Monero when most hashrate comes from gaming PCs and botnets.
On Monero you'd have to outcompete the current hashrate, or convince existing miners to join a malicious pool as the recent Qubic attack did. You're right that this is a way cheaper attack on monero considering its like 15x smaller market cap, but we have to acknowledge that difference of scale when weighing either security model appropriately.
I will also make an appeal to tradition here. Satoshi famously wrote "one CPU one vote". Monero uses RandomX for the sole purpose of making the CPU the most efficient miner. ASIC resistance came from Satoshi first, we just carry the torch. I don't think Satoshi would be cool with the current "Proof of ASICs" as Bitcoin currently is.
GitHub
GitHub - xmrig/xmrig: RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark
RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark - xmrig/xmrig
