Pakistan-associated threat group APT36 has escalated cyber-espionage operations against India by targeting BOSS Linux, an indigenous operating system used by Indian government agencies. This marks a strategic shift from traditional Windows-centric attacks to a focus on undermining India’s digital sovereignty. The campaign involves sophisticated tactics such as spear-phishing and malware designed specifically for Linux environments, highlighting the growing sophistication of Pakistan-based cyber actors. This development underscores the urgent need for India to enhance its digital defense architecture, establish rigorous cybersecurity certification frameworks, and foster collaboration between public and private sectors to counteract these evolving threats. The targeting of BOSS Linux exemplifies a broader hybrid warfare strategy aimed at destabilizing India’s technological foundations.