Keyloggers are easy to buy and hide on desktop computers but not on laptops. For an example, see <a href="https://www.youtube.com/watch?v=6JJo8qCYE8M">KeeLog: KeyGrabber forensic keylogger getting started</a>.
Firmware attacks have been demonstrated, but are complicated and expensive to perform. We don't know of any actual use against Tails users. For an example, see <a href=https://www.youtube.com/watch?v=sNYsfUNegEA>LegbaCore: Stealing GPG keys/emails in Tails via remote firmware infection</a>.