Do not scan QR code you find online, only scan when paying to another crypto wallet or you want to sell your BTC on an exchange, QR codes can come with malicious things too.
Let's not be too paranoid. You can set up devices in such way that they read a qr code and display what was read without taking any action. This means that you can get malicious code, but will have to confirm it on the device for that code to execute. If you decide to scan a code with an address and get a bunch of strange code instead, just do nothing, cancel the whole process and flag this QR as scam attempt.
I use an offline wallet that isn't truly airgapped because it goes online from time to time when I transact, but for an attacker to be able to target me they'd have to know the IP of that machine and be there waiting when it comes online, which is literally impossible since last time I used it was months ago.
When a hacker really knows his stuff and understands how to target your machine and your wallet, setting up a little bit of code that initiates procedure calls to find out when your wallet comes online should not be a problem at all. But I think it might still not be worth the effort as hackers could probably find other addresses that are more or less guaranteed online frequently a million times easier. A lot of people share a lot of stuff, including PKs and their locations. There is probably no good incentive to use tech to target you, unless you now let us know that the wallet contains 100,000 BTC.
