Unless your ISP does Deep Packet Inspection (DPI), your ISP should not be able to see your DNS queries since you won’t be querying their DNS server anymore, but the authoritative servers. Maybe you can protect yourself from DPI by setting up unbound to query the authoritative servers using DoT or DoH (though I don’t know how).
As for MIM attacks, I don’t have enough knowledge to answer.
ok is Pihole + unbound protects me from ISP seeing my queries, and MIM attacks?
You’re safe from MITM attacks, yes, but in terms of privacy it won’t help much.
Unless your ISP does Deep Packet Inspection (DPI), your ISP should not be able to see your DNS queries since you won’t be querying their DNS server anymore, but the authoritative servers. Maybe you can protect yourself from DPI by setting up unbound to query the authoritative servers using DoT or DoH (though I don’t know how).
As for MIM attacks, I don’t have enough knowledge to answer.