That is a typical clipboard malware case, in yours it's nothing like that, the funds didn't get drained to another address, more like the old paper wallets and no change adress, besides it would have affected your first transaction also if it was some kind of malware, but linux, offline signing...doubt it!
That’s when things went wrong. Although the address I entered was correct, I received a transaction error. I tried again, and it worked. After completing the transaction, I noticed the recipient address was not mine. In a panic, I tried to cancel the transaction. Sparrow Wallet allows this, but I’m not sure what fee I selected—I think the fee slider was set to about $10 with a 1-block confirmation. I confirmed, but Sparrow Wallet gave me a transaction error.
This chain of errors is weird, even if it was malware it shoudn't have gotten an error for a legitimate transactions, it's just the destination that is getting replaced, I'm really curious on your first tx that you tried to broadcast, and who is this bc1qhvppc7apsykmas05aj46xs6ws6qm8h5ytmtg7f that the dust got sent to, did you actually try to this address at all at any steps?
So OP is one of those who spam dust on the Bitcoin blockchain for financial gain. Now my sympathy suddenly turned into a feeling of sweet justice.
Right now if we go by the malware exploit scenario, it seems the attacker is the one that is involved in rune minting, not OP, benefit of doubt till anything else comes to light