Are we safe because we’re a relatively tiny, niche OS?
To a certain extent, yes. All real-world security ultimately depends on how many resources your adversary is willing to expend. In practice, there’s no “perfect level of security” for a usable computing system that’s guaranteed to remain impervious even in the face of the rest of the physical universe being directed toward breaching it. (Sufficiently strong encryption can offer such guarantees for data at rest, but then you can never decrypt it. Once you involve an act of decryption, you have to assume a usable system with many more moving parts and potential points of attack, including the physical environment in which the computing system is used and the fallible sapients operating it.)
In this sense, it doesn’t matter whether it’s the Qubes OS we have today or a theoretical future version that’s a thousand times stronger. The general principle remains the same: Security is always relative to the strength of your adversary.
In practice, today, it’s likely that Qubes being relatively small and niche results in attackers spending relatively fewer resources on breaking it, but this depends on unknown factors. We don’t know how many high-value targets are using Qubes. (There is reason to expect that high-value targets might disproportionately self-select into using Qubes over non-security-focused OSes.) We do know that it’s nowhere near as popular as, say, Windows and macOS. An attacker motivated purely by profit stands to gain vastly more by targeting Windows users, so it’s unlikely that such an attacker would spend more resources for less potential gain by targeting Qubes. On the other hand, a well-funded attacker specifically targeting certain individuals might be motivated to devise methods to compromise whatever systems the target happens to rely upon. This might turn out to be Qubes, but Qubes might not be the easiest entry point against that target. That might instead turn out to be the target’s mobile device, home security system, place of business, friends, or something else.