A threat is some external actor, agent, technology, or information flow with the potential to compromise a system. Malware is a general term for software that poses a threat. Malicious external agents are sometimes called hackers or crackers. Tools used by external actors to gain unauthorized access to a system are called exploits. A long-term, sophisticated hacking attempt is called an Advanced Persistent Threat (APT).
Threat modeling applies formal mathematical techniques to the analysis of threats. One example of threat modeling is the Dolev-Yao adversary model.
References:
http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf