Multi-agent systems achieve overall objectives through information interaction and coordination among agents. Research on consensus of multi-agent systems not only reveals the characteristics of self-organization and distributed control but also demonstrates significant practical application value in fields such as computer science and artificial intelligence. However, as interactions among agents heavily rely on network communication conditions, the frequent occurrence of cyber attacks during data transmission poses severe challenges to the secure and stable operation of systems. Therefore, this paper aims to summarize the research progress on consensus security and privacy protection of multi-agent systems under cyber attacks. First, the impact of attackers on the confidentiality, integrity, and availability of information transmission is briefly illustrated, highlighting the vulnerabilities of systems under three typical attack patterns: eavesdropping attacks, false data injection attacks, and denial-of-service (DoS) attacks. Subsequently, based on the characteristics of different types of cyber attacks, the paper discusses secure control and privacy protection issues in consensus research from the defender's perspective, while further summarizing commonly used detection and defense mechanisms. Additionally, the study comprehensively reviews the development status of distributed control-related research branches, focusing on secure control strategies under false data injection attacks and DoS attacks, as well as the design of consensus privacy protection algorithms under eavesdropping attacks. Finally, the technical challenges and issues in the research of consensus security and privacy protection for multi-agent systems are analyzed and research directions worth exploring are further outlined.