I suggest continue using Metamask, because from what I can gather from topic, there was no flaw from Metamask, security of wallet depends on it's user — read what you sign (if it's not readable, be cautious) — don't sign malicious stuff, don't give high value/infinite approvals unnecessarily, if approval done due to necessity, then remove the approval [1] once task is done and you'll be fine.
Not recently, maybe years ago. The weird stuff is that there is the send transaction soon after this "Call"
Your wallet is connected to a smart contract or a DApps if you’re familiar with all this retro active airdrops then you might have connected and left it connected. You can go to network on the app and disconnect them but that won’t still Eliminate everything entirely as that wallet is already compromised. Just create a new wallet and generate new keys and you will be fine.
Connecting wallet does not compromise wallet, it only means dapp will be reading your address and ask for approvals (which if malicious and you approve, can compromise your wallet). You'll see what you are connecting for when you connect wallet.
[1]
https://polygonscan.com/tokenapprovalchecker