This paper systematically surveys four emerging security threats to large language models (LLMs) from 2022–2025: prompt injection and jailbreaking, adversarial attacks (input perturbation and data poisoning), malicious misuse (disinformation, phishing, and malicious code generation), and intrinsic risks in autonomous agents (goal misgeneralization, latent planning, and self-preservation tendencies). It is the first work to formally integrate high-level cognitive risks—such as latent planning—into a unified security framework, demonstrating their persistence despite existing safety training. Methodologically, the study employs taxonomic analysis, cross-literature comparison, defense attribution assessment, and case-driven threat modeling to construct a comprehensive, multi-dimensional security landscape. It identifies critical gaps in current defenses and proposes a multi-layered robust protection roadmap. The findings have been incorporated into multiple industrial AI safety standard drafts.

Large Language Models (LLMs) such as GPT-4 (and its recent iterations like GPT-4o and the GPT-4.1 series), Google's Gemini, Anthropic's Claude 3 models, and xAI's Grok have caused a revolution in natural language processing, but their capabilities also introduce new security vulnerabilities. In this survey, we provide a comprehensive overview of the emerging security concerns around LLMs, categorizing threats into prompt injection and jailbreaking, adversarial attacks (including input perturbations and data poisoning), misuse by malicious actors (e.g., for disinformation, phishing, and malware generation), and worrisome risks inherent in autonomous LLM agents. A significant focus has been recently placed on the latter, exploring goal misalignment, emergent deception, self-preservation instincts, and the potential for LLMs to develop and pursue covert, misaligned objectives (scheming), which may even persist through safety training. We summarize recent academic and industrial studies (2022-2025) that exemplify each threat, analyze proposed defenses and their limitations, and identify open challenges in securing LLM-based applications. We conclude by emphasizing the importance of advancing robust, multi-layered security strategies to ensure LLMs are safe and beneficial.