In　recent　years,　large　language　models　(LLMs)　have　emerged　as　a　critical　branch　of　deep　learning　network　technology,　achieving　a　series　of　breakthrough　accomplishments　in　the　field　of　natural　language　processing　(NLP),　and　gaining　widespread　adoption.　However,　throughout　their　entire　lifecycle,　including　pre-training,　fine-tuning,　and　actual　deployment,　a　variety　of　security　threats　and　risks　of　privacy　breaches　have　been　discovered,　drawing　increasing　attention　from　both　the　academic　and　industrial　sectors.　Navigating　the　development　of　the　paradigm　of　using　large　language　models　to　handle　natural　language　processing　tasks,　as　known　as　the　pre-training　and　fine-tuning　paradigm,　the　pre-training　and　prompt　learning　paradigm,　and　the　pre-training　and　instruction-tuning　paradigm,　this　article　outlines　conventional　security　threats　against　large　language　models,　specifically　representative　studies　on　the　three　types　of　traditional　adversarial　attacks　(adversarial　example　attack,　backdoor　attack　and　poisoning　attack).　It　then　summarizes　some　of　the　novel　security　threats　revealed　by　recent　research,　followed　by　a　discussion　on　the　privacy　risks　of　large　language　models　and　the　progress　in　their　research.　The　content　aids　researchers　and　deployers　of　large　language　models　in　identifying,　preventing,　and　mitigating　these　threats　and　risks　during　the　model　design,　training,　and　application　processes,　while　also　achieving　a　balance　between　model　performance,　security,　and　privacy　protection.　©　2025　Science　Press.　All　rights　reserved.