I’ve been thinking about something and hopefully some of the more experienced of you could lend me your knowledge.
Take for instance that you have a working FPS using some open-source libraries in JARs. I’m wondering if a malicious user could compile their own (jME for instance) with some extra modifications to give them an unfair advantage (wallhacks?). Is this possible? Is there a mechanism in Java to prevent this? Am I worrying too much?
Thanks 
Yes they could and they wouldn’t need opensource libs to pull that off, It’s easy to decompile code or even tamper with your variables in memory at runtime.
There have been plenty discussions on this forum about decompiling and cheating. Bottom line is that in multiplayer games you want to keep all gamelogic on the server and make the clients as dumb as possible. For cheaters its mostly to ruin others game expirience, so you wouldn’t really have to bother unless you expect lots and lots of people playing your game (in fact if you’d pull that off you’d be the first one to make a popular FPS in Java that I know of : )
so don’t update players location you can’t see 