Acquista Criptovalute
Paga con
USD
USD
Buy & Sell
Hot
Supports Visa, Mastercard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Mercati
Trading
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Opzioni
Hot
Trade European-style Vanilla Options
Conto unificato
Massimizza l'efficienza del tuo capitale
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Guadagna
Lancia
CandyDrop
tag
Raccogli le caramelle per guadagnare airdrop
Launchpool
Staking rapido, guadagna potenziali nuovi token
HODLer Airdrop
Fai holding GT e ottieni enormi airdrop gratuitamente
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investimento
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
Altro
Promozioni
AI
Altro
TradFi
WCTC S8
Rewards
MFA

Prezzo MFA Financial Inc

Closed
MFA
$9,90
+$0,15(+1,53%)

*Data last updated: 2026-05-10 15:38 (UTC+8)

As of 2026-05-10 15:38, MFA Financial Inc (MFA) is priced at $9,90, with a total market cap of $1,01B, a P/E ratio of 5,46, and a dividend yield of 14,54%. Today, the stock price fluctuated between $9,80 and $9,96. The current price is 1,02% above the day's low and 0,60% below the day's high, with a trading volume of 990,95K. Over the past 52 weeks, MFA has traded between $9,41 to $10,43, and the current price is -5,08% away from the 52-week high.

MFA Key Stats

Yesterday's Close$9,75
Market Cap$1,01B
Volume990,95K
P/E Ratio5,46
Dividend Yield (TTM)14,54%
Dividend Amount$0,36
Diluted EPS (TTM)1,29
Net Income (FY)$176,78M
Revenue (FY)$875,23M
Earnings Date2026-08-05
EPS Estimate0,31
Revenue Estimate$70,94M
Shares Outstanding103,66M
Beta (1Y)1.549
Ex-Dividend Date2026-03-31
Dividend Payment Date2026-04-30

About MFA

MFA Financial, Inc., together with its subsidiaries, operates as a real estate investment trust (REIT) in the United States. The company invests in residential mortgage assets, including non-agency mortgage-backed securities (MBS), agency MBS, and credit risk transfer securities; residential whole loans, including purchased performing loans, purchased credit deteriorated, and non-performing loans; and mortgage servicing rights related assets. The company has elected to be taxed as a REIT and would not be subject to federal income taxes if it distributes at least 90% of its taxable income to its stockholders. MFA Financial, Inc. was incorporated in 1997 and is headquartered in New York, New York.
SectorReal Estate
IndustryREIT - Mortgage
CEOCraig L. Knutson
HeadquartersNew York City,NY,US
Official Websitehttps://www.mfafinancial.com
Employees (FY)307,00
Average Revenue (1Y)$2,85M
Net Income per Employee$575,84K

MFA Financial Inc (MFA) FAQ

What's the stock price of MFA Financial Inc (MFA) today?

x
MFA Financial Inc (MFA) is currently trading at $9,90, with a 24h change of +1,53%. The 52-week trading range is $9,41–$10,43.

What are the 52-week high and low prices for MFA Financial Inc (MFA)?

x

What is the price-to-earnings (P/E) ratio of MFA Financial Inc (MFA)? What does it indicate?

x

What is the market cap of MFA Financial Inc (MFA)?

x

What is the most recent quarterly earnings per share (EPS) for MFA Financial Inc (MFA)?

x

Should you buy or sell MFA Financial Inc (MFA) now?

x

What factors can affect the stock price of MFA Financial Inc (MFA)?

x

How to buy MFA Financial Inc (MFA) stock?

x

Risk Warning

The stock market involves a high level of risk and price volatility. The value of your investment may increase or decrease, and you may not recover the full amount invested. Past performance is not a reliable indicator of future results. Before making any investment decisions, you should carefully assess your investment experience, financial situation, investment objectives, and risk tolerance, and conduct your own research. Where appropriate, consult an independent financial adviser.

Disclaimer

The content on this page is provided for informational purposes only and does not constitute investment advice, financial advice, or trading recommendations. Gate shall not be held liable for any loss or damage resulting from such financial decisions. Further, take note that Gate may not be able to provide full service in certain markets and jurisdictions, including but not limited to the United States of America, Canada, Iran, and Cuba. For more information on Restricted Locations, please refer to the User Agreement.

Other Trading Markets

MFA
CFD
Fai trading

Hot Posts su MFA Financial Inc (MFA)

KnightMan

KnightMan

8 ore fa
#Web3SecurityGuide In May 2026, the Web3 landscape has evolved into a high-stakes financial layer where "trustless" does not mean "risk-free." As institutional capital flows into tokenized real-world assets, the attack vectors have shifted from simple smart contract bugs to sophisticated AI-driven social engineering and UI deception attacks. The New Defense Standard Blind Signing Eradication: 2026 is the year of "human-readable" transactions. Modern wallets now use simulation engines to show exactly what assets will leave your wallet before you sign, neutralizing the "malicious approval" scams that dominated 2025. Address Poisoning Defense: Attackers now use "vanity addresses" to mimic your history. The gold standard is now a verified on-chain address book and the total abandonment of copying addresses from transaction logs. The Multisig Shift: For high-value holdings, 2-of-3 Multisig setups using separate hardware devices (e.g., Ledger and Trezor) are no longer optional—they are the baseline for "Self-Custody 2.0." [Image: A security dashboard showing a "Transaction Simulation" warning before a user signs a contract] Survival in this cycle requires a zero-trust mindset. By combining hardware-key MFA with weekly permission revokes, users can stay ahead of the "Red Queen" race where hackers and defenders are constantly sprinting to outpace one another
1
2
0
0
Yunna

Yunna

14 ore fa
#Web3SecurityGuide — The Ultimate Deep Dive into Staying Safe in the Decentralized World The rise of Web3 has transformed how people interact with the internet, shifting control from centralized authorities to individuals through blockchain technology. While this evolution brings transparency, ownership, and financial freedom, it also introduces a new layer of responsibility. In Web3, you are your own bank, your own security system, and your own recovery service. There is no “forgot password” button, no customer support to reverse a transaction, and no central authority to undo mistakes. This makes security not just important—but absolutely critical. At its core, Web3 security revolves around protecting private keys and digital identities. A private key is essentially the master password to your funds and assets. If someone gains access to it, they gain full control over everything in your wallet. Unlike traditional systems, there is no way to recover stolen assets once transferred. This is why one of the first rules of Web3 is simple: never share your private key or seed phrase with anyone, under any circumstances. Even legitimate-looking platforms, support agents, or influencers asking for this information are almost always part of a scam. Phishing attacks are among the most common threats in the Web3 space. Attackers create fake websites or send deceptive messages that mimic legitimate platforms to trick users into connecting their wallets or revealing sensitive information. These scams are becoming increasingly sophisticated, often replicating official interfaces down to the smallest detail. To stay safe, always double-check URLs, avoid clicking on suspicious links, and bookmark trusted websites instead of relying on search results or social media links. A single wrong click can lead to irreversible loss. Smart contracts are another critical component of Web3, and while they enable decentralized applications (dApps), they can also introduce vulnerabilities. A poorly written or unaudited smart contract can be exploited by attackers, resulting in massive financial losses. Before interacting with any dApp or investing in a project, it’s essential to research whether its smart contracts have been audited by reputable security firms. Even then, audits are not guarantees—they only reduce risk. Always approach new projects with caution, especially those promising unusually high returns. Wallet security is equally important. There are different types of wallets—hot wallets (connected to the internet) and cold wallets (offline storage). Hot wallets are convenient for daily use but are more vulnerable to hacks, malware, and phishing attacks. Cold wallets, such as hardware wallets, provide a higher level of security by keeping your private keys offline. For anyone holding significant assets, using a hardware wallet is strongly recommended. Additionally, enabling multi-factor authentication (MFA) on related accounts and keeping devices free from malware can add extra layers of protection. Social engineering is another underestimated threat in Web3. Attackers often exploit human psychology rather than technical vulnerabilities. They may impersonate trusted figures, create urgency, or offer fake opportunities to trick users into making poor decisions. Being skeptical is one of your best defenses. If something sounds too good to be true—like guaranteed profits, exclusive early access, or free tokens—it probably is. Always verify information from multiple sources before taking action. Token approvals and permissions are also a hidden risk that many users overlook. When you connect your wallet to a dApp, you often grant it permission to spend certain tokens. Malicious or compromised contracts can misuse these permissions to drain your wallet. Regularly reviewing and revoking unnecessary token approvals is a good security practice. There are tools available that allow you to manage these permissions and minimize exposure. Another important aspect of Web3 security is staying updated. The ecosystem evolves rapidly, and new threats emerge constantly. Following trusted security researchers, blockchain developers, and official project channels can help you stay informed about potential risks and vulnerabilities. Education is your strongest weapon in this space. The more you understand how Web3 works, the less likely you are to fall victim to scams. Backup and recovery planning should never be ignored. Your seed phrase should be stored securely, preferably offline, in multiple safe locations. Avoid storing it digitally on your phone, cloud storage, or screenshots, as these can be compromised. Some users even split their seed phrase into parts and store them separately to reduce risk. However, this must be done carefully to avoid losing access entirely. Ultimately, Web3 security is about mindset as much as technology. It requires constant vigilance, critical thinking, and a willingness to learn. Unlike traditional systems where security is often handled behind the scenes, Web3 puts the responsibility directly in your hands. This can feel overwhelming at first, but it also empowers users to take full control of their digital assets.
8
9
0
0
RunWithRugs

RunWithRugs

18 ore fa
(MENAFN- Crypto Breaking) The Linux bug nicknamed Copy Fail is drawing heightened attention from cybersecurity authorities, government agencies and the crypto sector. Described as a local privilege-escalation flaw, Copy Fail could let an attacker with basic user access gain full root control on affected systems. The issue has earned a place in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, signaling a high-priority risk for organizations worldwide. Given how deeply Linux underpins crypto infrastructure-from exchanges and custody platforms to validators and node operators-a kernel-level vulnerability of this kind threatens to ripple through the ecosystem even though the flaw does not target blockchain protocols directly. Security researchers from Xint and Theori identified Copy Fail, which hinges on a logic error in how the Linux kernel handles memory operations within its cryptographic subsystems. In pragmatic terms, a regular user could manipulate the kernel's page cache-the temporary storage the system uses to speed up file I/O-to escalate privileges. What makes this flaw particularly alarming is how accessible the exploit appears to be: a compact Python script can trigger the vulnerability with only modest modifications, enabling root access on many Linux installations. Researcher Miguel Angel Duran has highlighted that the exploit can be demonstrated with roughly 10 lines of Python code on affected machines. Key takeaways Copy Fail (CVE-2026-31431) is a local privilege-escalation vulnerability affecting many mainstream Linux distributions released since 2017, not a remote-exploit against blockchain protocols. A working proof-of-concept exploit is publicly available, increasing the risk of rapid exploitation after the initial foothold. The flaw stems from how the kernel manages its page cache during memory operations, allowing basic users to gain root control on vulnerable systems. Crypto infrastructure-validators, nodes, exchanges, custody services and cloud-based trading-could face indirect but serious consequences if attackers compromise underlying Linux servers. Copy Fail: how the exploit works and why it matters for crypto Root access in a Linux server equates to the“master key” to the machine. With it, an attacker can install or remove software, view or exfiltrate sensitive data and reconfigure protections, potentially turning off monitoring tools or altering security settings. Copy Fail exploits a flaw in the kernel's handling of the page cache, a fast-access memory area used to accelerate file operations. By manipulating cached data under specific conditions, an attacker can bypass intended permission checks and elevate privileges. The exploit is not a remote attack. A target must already be reachable-via phishing, compromised credentials or another initial access vector-before privilege escalation can occur. Once foothold is established, the attacker can expand control across the host and, in the context of crypto operations, threaten custodial wallets, hot nodes, and trading or node-management infrastructure. The crypto industry's dependence on Linux is wide-ranging. Validators and full nodes rely on Linux-based servers; mining operations and pools run on Linux ecosystems; centralized and decentralized exchanges depend on Linux-driven backend stacks; custodial services and wallet infrastructure are Linux-backed; and cloud-based trading systems often sit upon Linux infrastructure. A kernel vulnerability that enables rapid, broad privilege escalation thus carries outsized risk for operational continuity and key security. Public commentary and analyses emphasize several factors that compound the risk: the flaw affects a broad set of distributions, a working PoC is publicly available, and the vulnerability has persisted in kernels going back to 2017. As security firms and researchers underscore, once exploit code circulates, threat actors can quickly identify unpatched hosts for exploitation. The timing also matters: disclosures arrive as the cybersecurity community increasingly examines how artificial intelligence can accelerate vulnerability discovery and weaponization. AI, vulnerability discovery and crypto's exposure The Copy Fail disclosure arrives amid a broader push to incorporate artificial intelligence into vulnerability research. Initiatives like Project Glasswing, backed by a coalition including Amazon Web Services, Anthropic, Google, Microsoft and the Linux Foundation, highlight a trend where AI tooling is rapidly improving at identifying and instrumenting weaknesses in code. Anthropic and others have argued that modern AI models can outperform humans in spotting exploitable bugs within complex software, potentially accelerating both offense and defense in cybersecurity. For the crypto sector, the intersection of AI-driven vulnerability discovery and kernel-level flaws raises red flags. Crypto systems-built on layered open-source technologies and deployed across heterogeneous infrastructures-can be particularly susceptible to AI-enhanced attack patterns. If adversaries combine initial access with quick privilege escalation on Linux-based servers, the knock-on effects could include compromised validators, tainted node operators and disrupted service for exchanges and custodians. In practical terms, even if a direct blockchain protocol breach is unlikely, the integrity of the underlying systems powering the crypto economy remains a critical concern. Large exchanges and custodial platforms operate at scale on Linux-centric stacks, and a successful, widespread kernel exploit could lead to downtime, credential leakage or wallet exposure-outcomes that would reverberate through trading and settlement services globally. Defense in depth: practical steps for organizations and users Addressing Copy Fail requires a coordinated mix of rapid patching, access control and proactive monitoring. The guidance emerging from security briefs points to a structured response for different actors in the crypto ecosystem: For cryptocurrency organizations and infrastructure teams Implement and verify official kernel and system patches as soon as they are released by upstream vendors and distribution maintainers. Limit local user accounts and permissions; enforce the principle of least privilege across all Linux hosts. Regularly audit cloud instances, virtual machines and physical servers for unusual privilege-escalation activity. Improve monitoring for anomalous authentication attempts and privilege escalations; implement robust SSH hardening and key management. Review container orchestration, cloud IAM policies and network segmentation to minimize blast radius if a host is compromised. For everyday crypto users Keep operating systems and essential software up to date with the latest security patches. Avoid unverified software sources and crypto tooling; prefer hardware wallets for significant holdings. Enable MFA wherever possible and isolate high-value wallet activity from routinely used devices. For node runners, validators and developers Prioritize prompt kernel and security updates; subscribe to relevant security bulletins and advisories. Audit container environments, orchestration tools and cloud permissions for over-privileged configurations. Enforce the minimum viable privileges for administrators and ensure robust change controls around critical systems. What to watch next and why it matters The Copy Fail disclosure reinforces a broader truth: the security of crypto systems is as much about the integrity of the operating environment as it is about protocols, keys and consensus. While the vulnerability does not directly attack blockchain networks, its potential to destabilize the servers and services that support crypto ecosystems makes urgent patching and hardening essential. As AI-driven tools reshape vulnerability discovery, readers should expect rapid cycles of disclosure and remediation, making timely updates and vigilant security hygiene more important than ever for exchanges, validators and users alike. Looking ahead, market participants should monitor how major Linux distributions respond, the pace of patch deployment across exchanges and custodians, and any changes in incident response practices within the crypto infrastructure community. If threat actors begin exploiting Copy Fail at scale, the next few quarters could test the resilience of large-grade crypto operations and highlight the ongoing need for defense-in-depth in both software supply chains and operational security. For now, the focus remains clear: patch early, monitor closely and assume that privileged access, once obtained, can rapidly cascade unless defenses hold firm. Sources and related context include official sector advisories and technical analyses from security researchers and industry researchers, with updates referenced from CISA's KEV catalog and reporting on the Copy Fail vulnerability, public PoCs, and AI-assisted vulnerability research initiatives. ** Risk & affiliate notice:** Crypto assets are volatile and capital is at risk. This article may contain affiliate links. MENAFN09052026008006017065ID1111090247
0
0
0
0