I didn’t ignore.

those tend to be different attacks than would target random consumer computers

That doesn’t mean attacks on Linux are minors, just different kind of attacks, because a user mistake is easier to exploit than a vulnerability in a software/code. That’s not about software mistakes that create vulnerabilities, that’s a user mistake that install malware.

open source definitely plays a role in Linux security, but it’s minor compared to stuff like market share, user privilege, package management vs just installing random exes, different distros using different packaging systems

This kind of attacks you are saying are actually the “minor” attacks that daily occurs, but normally the most effective, there is a lot of scam, but daily or hourly there are millions or billions of attacks everywhere, or that’s what my cybersecurity team at my company showed me, they are 24/7 there to never let any attack penetrate to the organization. Imperva and Cloudflare (for example) are or have powerful firewalls that block many attacks every minute. And you are comparing that to a malware that a user install.

So that’s why I am saying, because you can’t see them, doesn’t mean there aren’t attacks.

Edit: More data added on bottom.

I found this: https://www.imperva.com/cyber-threat-index/

The Cyber Threat Index is calculated using data gathered from all Imperva sensors across the world including over:

• Over 25 monthly PBs (Peta Bytes1015) of network traffic passed through our CDN
• 30 billions (109) of monthly Web application attacks, across 1 trillion (10¹²) of HTTP requests analyzed by our Web Application Firewall service (Cloud WAF)
• Hundreds of monthly application and database vulnerabilities, as processed by our security intelligence aggregation from multiple sources