I'm about to configure an outbound HTTP filter on my network to block drive-by-malware installs. While most of my systems are not vulnerable to these types of attacks, the extra layer of security is always a good idea.
In an article entitled Botnet malware defense on isc.sans.org, they provide several links to updated lists of malware-hosting domains.
One of the links is to a site called www.malwaredomains.com. Using their updated "domains.txt" list, it's fairly simple to parse into something that Squid will understand.