Linux is a major server OS (arguably the largest), very big in embedded systems, and completely dominant on smartphones. Hackers are spending very significant time working to find exploits.
I disagree. The only hackers who are putting big effort in this would be state sponsored and highly targeted groups trying to get access to a specific machine. There's little value in general purpose attacks on Linux because:
a) the target database is of unknown value, unlike say a home PC where a user routinely types in his banking password, credit card info and paypal details.
b) the target machine is often unattended removing the biggest point of entry, a user clicking something.
c) the target machine is of low value when need a zombie when you can instead go after low hanging fruit. 500 home internet connections is far better than one company with a large pipe when it comes to botnetting your way around.
d) there's still major effort involved compared to the many trivial targets presented by the Windows monoculture.
e) servers are typically better managed than desktop OSes (hence the forced updates debacle with Microsoft in the first place).
Linux is just not an attractive target unless the target itself is pre-determined ... e.g. an Iranian nuclear enrichment facility.