HSRR A.I CyberSecurity Scoring
12/05/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for HomeTowne Studios by Red Roof in 2026.
No incidents recorded for HomeTowne Studios by Red Roof in 2026.
No incidents recorded for HomeTowne Studios by Red Roof in 2026.
Landry's is a multinational, diversified restaurant, hospitality, gaming, and entertainment leader based in Houston, Texas. The company operates more than 600 establishments around the world, including well-known concepts, such as Landry’s Seafood House, Bubba Gump Shrimp Co., Rainforest Cafe, Morton’s The Steakhouse, The Oceanaire Seafood Room, McCormick & Schmick’s, Chart House, Saltgrass Steak House, Del Frisco’s Double Eagle Steakhouse, Palm Restaurants, and Mastro’s Restaurants. The company also operates a group of signature restaurants, including Vic & Anthony’s Steakhouse, Grotto, Willie G’s, and others. The gaming division includes the renowned Golden Nugget Hotel and Casino concept, with locations in Las Vegas and Laughlin, NV, Atlantic City, NJ, Biloxi, MS, and Lake Charles, LA. The entertainment and hospitality divisions encompass popular destinations, including the Galveston Island Historic Pleasure Pier, Kemah Boardwalk, Aquarium Restaurants, and other exciting attractions, coupled with deluxe accommodations throughout the Houston and Galveston area, including The Post Oak Hotel at Uptown Houston, Westin Houston Downtown, Kemah Boardwalk Inn and The San Luis Resort, including the Hilton Galveston Island Resort and Holiday Inn Galveston on the Beach located on Galveston Island.
IHG Hotels & Resorts [LON:IHG, NYSE:IHG (ADRs)] is a global hospitality company, with a purpose to provide True Hospitality for Good. With a family of 21 hotel brands and IHG One Rewards, one of the world's largest hotel loyalty programmes, IHG has over 7,000 open hotels in more than 100 countries, and a development pipeline of over 2,300 properties. Luxury & Lifestyle: Six Senses Hotels Resorts Spas, Regent Hotels & Resorts, InterContinental Hotels & Resorts, Vignette Collection, Kimpton Hotels & Restaurants, Hotel Indigo Premium: Noted Collection, voco hotels, Ruby, HUALUXE Hotels & Resorts, Crowne Plaza Hotels & Resorts, EVEN Hotels Essentials: Holiday Inn Express, Holiday Inn Hotels & Resorts, Garner hotels, avid hotels Suites: Atwell Suites, Staybridge Suites, Holiday Inn Club Vacations, Candlewood Suites Exclusive Partners: Iberostar Beachfront Resorts InterContinental Hotels Group PLC is the Group's holding company and is incorporated and registered in England and Wales. Approximately 400,000 people work across IHG's hotels and corporate offices globally. Visit us online for more about our hotels and reservations and IHG One Rewards. To download the IHG One Rewards app, visit the Apple App or Google Play stores.
We are Accor We are more than 290,000 hospitality experts placing people at the heart of what we do, creating emotion for our guests, and nurturing passion for service and achievement beyond limits. Building on the strength of our teams and of our fully integrated ecosystem of leading brands, personalized services & expert solutions, we break new ground to reimagine hospitality and inspire new ways to experience the world. We are dedicated to suit all desires and needs, and reinvent the guest experience every day with our 45 hotel brands across all segments- 5,600 properties around the world from luxury five-star palaces to smart economy hotels, exquisite residences to full-service resorts. Because we take care of millions of guests and each of our hotels is a world in itself, where every action counts. We strive to make positive impact both locally and globally, to ensure hospitality benefits not only the few, but all.
Founded in Germany in 1897, Kempinski Hotels has long reflected the finest traditions of European hospitality. Today, as ever, Kempinski is synonymous with distinctive luxury. Located in many of the world's most well-known cities and resorts, the Kempinski collection includes hotels in a grand manner, pace-setting modern establishments and older hotels of individual charm. All blend gracefully into their surroundings and offer luxurious accommodations, superb cuisine and unrivalled facilities - complemented by impeccable service. For leisure and business guests alike, the name Kempinski has long been synonymous with style, mobility and efficiency. Put simply, they are the first choice for the discerning individual. In addition to operating many of the finest city hotels in the world, Kempinski is a name that can now be found in many exciting resort locations, each combining local flair and ambience with the international standards of service and luxury that Kempinski guests have come to expect. To see all the different Kempinski jobs and apply, please go to https://careers.kempinski.com
Travel + Leisure Co., the world's leading vacation ownership and membership travel company, provides more than six million vacations to travelers every year. The company’s extensive Vacation Ownership portfolio includes trusted and iconic vacation club brands with a combined 270+ resorts worldwide, offering quality, flexibility, and value to more than 800,000 timeshare owners. Through its Travel and Membership business line, the company unlocks even more travel inspiration and opportunities via its signature subscription travel club, Travel + Leisure GO, and pioneering timeshare exchange network, RCI. With hospitality and responsible tourism at its heart, the company’s 19,000+ dedicated associates around the globe help the company achieve its mission to put the world on vacation.
DoubleTree by Hilton hotels are distinctively designed properties that provide true comfort to today’s business and leisure travelers. From the millions of delighted hotel guests who are welcomed with the brand’s legendary, warm chocolate chip cookies at check-in to the advantages of the award-winning Hilton HHonors® guest reward program, each DoubleTree by Hilton guest receives a satisfying stay wherever their travels take them. With a growing collection of contemporary, upscale accommodations in more than 375+ gateway cities, metropolitan areas and vacation destinations worldwide. DoubleTree by Hilton is part of Hilton Worldwide (NYSE: HLT), a leading global hospitality company spanning the lodging sector from luxury and full-service hotels and resorts to extended-stay suites and focused-service hotels. For 95 years, Hilton Worldwide has been dedicated to continuing its tradition of providing exceptional guest experiences. The company’s portfolio of eleven world-class global brands is comprised of more than 4,100 managed, franchised, owned and leased hotels and timeshare properties, with more than 685,000 rooms in 92 countries and territories, including Hilton Hotels & Resorts, Waldorf Astoria Hotels & Resorts, Conrad Hotels & Resorts, Curio – A Collection by Hilton, DoubleTree by Hilton, Embassy Suites Hotels, Hilton Garden Inn, Hampton Hotels, Homewood Suites by Hilton, Home2 Suites by Hilton and Hilton Grand Vacations. The company also manages an award-winning customer loyalty program, Hilton Honors.
Since it was founded in 1950 and it created the all-inclusive vacation concept, Club Med has been the world leader on its market, and has developed a resolutely upscale, friendly and multicultural spirit. Club Med boasts 70 resorts located in the most beautiful sites in the world, a cruise ship and Luxury Villas & Chalets and, now more than ever, is associated with dreams and happiness. There are 20,000 Gentle Organizers (G.Os) and Gentle Employees (G.Es) at Club Med, who work in the villages, but also at the Paris, Lyon, Singapore, Shanghai, Rio de Janeiro and Miami headquarters, in the sales offices situated in dozens of countries and in travel agencies.
Established in 1903, Taj is The Indian Hotels Company Limited’s (IHCL) iconic brand for the world’s most discerning travellers seeking luxury and authentic experiences. Taj has been rated as India’s Strongest Brand across all sectors for an unprecedented fourth time and also as the World’s Strongest Hotel Brand for the third consecutive year in 2024 by Brand Finance. From landmark city addresses to enchanting jungle safaris, and from idyllic resorts to authentic living Grand Palaces, each Taj hotel offers an unrivalled fusion of warm Indian hospitality, world-class service and modern luxury. Taj's unique portfolio comprises hotels across India, North America, United Kingdom, Africa, Middle East, Sri Lanka, Maldives and Nepal.
Welcome to Meliá Hotels International! From Mallorca to the world, our story is an exciting journey that began more than six decades ago and has led us to become one of the largest hotel chains on the planet and the most sustainable in Europe (S&P Global). With more than 400 hotels across the world, our passion for hospitality drives us to deliver unique and memorable experiences through our nine brands: Gran Meliá Hotels & Resorts, ME by Meliá, The Meliá Collection, Paradisus by Meliá, Meliá Hotels & Resorts, ZEL, INNSiDE by Meliá, Sol by Meliá and Affiliated by Meliá. If you are looking for a place where your talent can shine and contribute to a more sustainable future, Meliá Hotels International is your destination. We are a family of more than 45,000 people, where every one of us is a VIP (Very Inspiring People) and we are proud to be a Top Employer in multiple countries. Being part of Meliá is to undertake a journey without borders, because the possibilities for development and learning are endless. Here, we enjoy a passionate and familiar environment, full of opportunities where inspiration will always be with you. Join us and feel like a true VIP!
Latest updates, reports, and threat intel affecting the global network.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.