do some research or something jesus lmao. Linux servers, on average, are much higher profile entities to target, typically has more eyes watching them for problems, and technically literate people administrating them. meanwhile your typical windows machine is used by non technical, every day users who do very little proper security practices and threat mitigations.
you get a better ROI targeting windows users than you do, Linux users. it’s really not difficult to understand
selinux is one example.