(also attack vector)
A threat vector is a path, method, or means by which a hacker can break into a computer system.
Through social engineering attacks like phishing, hackers can trick the victim into clicking on a malicious link and giving up their login information or even giving away their financial data.
An internal threat vector may be an employee exposing important network details to a malicious actor. Sometimes, the attack can even come from the employee themselves.