On windows I was afraid of keyloggers and although I was the only PC user and only myself had physical access to my PC, I always created second user account (with no admin privileges) and never user admin password. To use admin password I always re-logged to first account with admin privileges.

1) Is on Linux a real threat that when I browse Internet I can catch a malicious script or something that can compromise my system or read my documents (they are more important than system). Let's say it is possible. Would it be possible for that script to compromise my system and read or give an attacker easier way to escalate to sudo account?

2) Can the practice of working on non-sudo account and always relogging to sudo-user-account even when updating system make impossible for keylogger to read what I type - I mean password? Can Linux keylogger read password that I type in SDDM? I read that kelogger can read what is typed across X applications. Only Wayland will prevent it.

What is a real danger of malicious script from internet sites and possibility of keylogers to read my passwords if I only install applications from default, official repositories?

Is working on sudo account more dangerous in terms of making to escalation to root more easy for an attacker? Can escalation of privileges to root be made only by a human being doing an attack personally (must know my IP address) or can be malicious Internet scripts be used for that and first contact the attacker that I am online?

I read about it on Internet, and asked questions on forums but never got full answer. Can you make it clear for non-geeks, please? I admit I have no knowledge about security whatsoever.