Or historical exploits/trojans/etc. that deserve more attention? I’ve mostly heard about lucrative vulnerabilities that concern Linux servers, but what about the end-users on desktops? Or is the Linux desktop market small enough that we mostly just see one-off instances of users blindly running malicious scripts?
Malware targeting individuals rather than servers do not need privilege escalation. They just need to run as the user and swipe cookies/credentials/wallets etc. Privilege escalation would allow them to do catastrophic damage but that’s not the point in that case.