I prefer electrum cause i have a weak memory and already lost a ledger one time,but is it really safe ?
Safety of any wallet depends mostly from people who are using them, so you need to download Electrum from official sources and verify it.
Than it is better to install electrum on some offline computer of laptop without internet access, and you will be much safer.
does something like that hacking of the fake update links showing for people with old electrum clients can happen again ?
Something like this can potentially happen, but not if you are using airgapped computer and if you always verify all the files you downloaded from official website.
How to verify GPG signatures
GPG signatures are a proof that distributed files have been signed by the owner of the signing key. For example, if this website was compromised and the original Electrum files had been replaced, signature verification would fail, because the attacker would not be able to create valid signatures. (Note that an attacker would be able to create valid hashes, this is why we do not publish hashes of our binaries here, it does not bring any security).
In order to be able to verify GPG signatures, you need to import the public key of the signer. Electrum binaries are signed with ThomasV's public key. On Linux, you can import that key using the following command: gpg --import ThomasV.asc. Here are tutorials for Windows and MacOS. When you import a key, you should check its fingerprint using independent sources, such as here, or use the Web of Trust.
https://electrum.org/#download