This paper provides an overview of the security and privacy challenges in federated learning (FL), a distributed machine learning framework that allows multiple users to train a model without sharing raw data. The authors use CiteSpace to analyze the current research status, describe the basic concepts and threat models, and discuss security and privacy vulnerabilities in current FL architectures. They also explore advanced defense solutions and provide a summary and comparison of these solutions. The paper highlights the importance of addressing these challenges due to the increasing reliance on data-driven AI and the need for robust privacy protection. Key contributions include a clear structure for the paper, up-to-date content, and a comprehensive analysis of offensive and defensive aspects of FL. The paper is structured into several sections, covering literature research, background on FL, threat models, security attacks, privacy attacks, and future research directions.This paper provides an overview of the security and privacy challenges in federated learning (FL), a distributed machine learning framework that allows multiple users to train a model without sharing raw data. The authors use CiteSpace to analyze the current research status, describe the basic concepts and threat models, and discuss security and privacy vulnerabilities in current FL architectures. They also explore advanced defense solutions and provide a summary and comparison of these solutions. The paper highlights the importance of addressing these challenges due to the increasing reliance on data-driven AI and the need for robust privacy protection. Key contributions include a clear structure for the paper, up-to-date content, and a comprehensive analysis of offensive and defensive aspects of FL. The paper is structured into several sections, covering literature research, background on FL, threat models, security attacks, privacy attacks, and future research directions.